Google Custom Search

Hola a todos,

Este es el primer tema que publico, así que si hay algo que no se ajuste a lo esperado ruego me lo comuniquen.

He seguido todos los pasos de la guía de detección y eliminación de Malwares 2019 y después de que MalwareBytes y ESET Online QuickScan no me informen de ninguna amenaza, sigo con el mismo problema:

• Cada vez que hago una busqueda usando google chorme me lo redirige a “Google Custom Search” y me da unos resultados con muchos patrocinadores.

• Tengo instalado MalwareBytes en su versión de prueba y al hacer la busqueda me da un aviso de que el sitio web ha sido bloqueado debido a un troyano. (Dominio: cdn.immereeako.info)

• Además cuando hago clic dentro de las páginas que abro me salta a nuevas páginas de publicidad.

Les agradezo muchísimo cualquier ayuda que me puedan facilitar.

Saludos.

Hola @qrro_ppgo bienvenido al nuevo foro

Realiza los siguientes pasos, aunque hayas hecho alguno, sin cambiar el orden:

1) Descarga, actualiza y ejecuta Malwarebytes’ Anti-Malware, revisa en detalle el manual, para que sepas usarlo y configurarlo.

• Realiza un Análisis personalizado , actualizando si te lo pide.
• Pulsar en “Cuarentena seleccionado” para enviarlo a la cuarentena y Reinicias el sistema.
• En el apartado del manual Informes Informe de análisis encontrarás el reporte de MBAM, clic en Exportar Copiar al portapapeles.

2) Descarga AdwCleaner | InfoSpyware en el escritorio.

• Desactiva temporalmente el Antivirus Cómo deshabilitar temporalmente su Antivirus.
• Cierra también todos los programas que tengas abiertos.
• Ejecuta Adwcleaner.exe (Si usas Windows Vista/7 u 8 presiona clic derecho y selecciona "Ejecutar como Administrador".)
• Pulsar en el botón Escanear, y espera a que se realice el proceso, inmediatamente pulsa sobre el botón Limpiar.
• Espera a que se complete y sigue las instrucciones, si te pidiera Reiniciar el sistema Aceptas.
• Guardas el reporte que te aparecerá, para copiarlo y pegarlo en tu próxima respuesta.
• El informe también se puede encontrar en C:\AdwCleaner\AdwCleaner[C1].txt

3) Descarga CCleaner

• Instala Ccleaner
• Abres Ccleaner en la pestaña limpiador dejas como esta configurada predeterminadamente, haces clic en analizar esperas que termine clic en ejecutar limpiador
• Clic en la pestaña Registro clic en buscar problemas esperas que termine clic en Reparar Seleccionadas y haces una copia de seguridad
• Vuelves a darle clic en buscar problemas hasta que no encuentre ninguno.

Pega los reportes de Malwarebytes y AdwCleaner y comentas como va el problema.

Un saludo

Hola Daniela, gracias por responder tan pronto.

He seguido los pasos que me has enumerado. A continuación te incluyo los reportes que me indicabas.

Malwarebytes Anti-Malware:

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/6/19
Hora del análisis: 10:54
Archivo de registro: 500c88c3-9014-11e9-93d0-4ccc6afe8e76.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11074
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.829)
CPU: x64
Sistema de archivos: NTFS
Usuario: QRROPPGO\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis de amenazas
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 338805
Amenazas detectadas: 5
Amenazas en cuarentena: 5
Tiempo transcurrido: 1 min, 22 seg

-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Desactivado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 5
Adware.MailRu.BatBitRst, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Sustituido, [332], [481467],1.0.11074
PUP.Optional.Spigot, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [163], [454814],1.0.11074
PUP.Optional.Spigot, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [163], [454814],1.0.11074
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\SyncData.sqlite3, Sustituido, [250], [454830],1.0.11074
PUP.Optional.MailRu, C:\USERS\USUARIO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Sustituido, [250], [454830],1.0.11074

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

Y el de AdwCleanner:

# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build:    04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start:    06-16-2019
# Duration: 00:00:09
# OS:       Windows 10 Pro
# Scanned:  27501
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1396 octets] - [08/06/2019 14:03:37]
AdwCleaner[C00].txt - [1524 octets] - [08/06/2019 14:03:53]
AdwCleaner[S01].txt - [1371 octets] - [08/06/2019 14:21:29]
AdwCleaner[C01].txt - [1557 octets] - [08/06/2019 14:21:52]
AdwCleaner[S02].txt - [1493 octets] - [14/06/2019 21:09:26]
AdwCleaner[S03].txt - [1554 octets] - [14/06/2019 22:19:17]
AdwCleaner[C03].txt - [1740 octets] - [14/06/2019 22:19:30]
AdwCleaner[S04].txt - [2051 octets] - [15/06/2019 12:58:52]
AdwCleaner[C04].txt - [2141 octets] - [15/06/2019 12:59:15]
AdwCleaner[S05].txt - [2083 octets] - [15/06/2019 13:47:32]
AdwCleaner[C05].txt - [2211 octets] - [15/06/2019 14:06:23]
AdwCleaner[S06].txt - [2010 octets] - [15/06/2019 14:09:49]
AdwCleaner[C06].txt - [2158 octets] - [15/06/2019 15:22:55]
AdwCleaner[S07].txt - [2042 octets] - [15/06/2019 19:58:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S08].txt ##########

A ver si se puede resolver el problema.

Muchísimas gracias.

Hola

Con Malwarebytes has realizado un análisis de amenazas y te indiqué que lo hicieras personalizado, vuelve a ejecutarlo a ver si detecta algo más.

Después de reiniciar, realiza lo siguiente:

Desactiva temporalmente el Antivirus >> Cómo deshabilitar temporalmente su Antivirus

Descarga Farbar Recovery Scan Tool.en el escritorio, seleccionando la versión adecuada para la arquitectura(32 o 64bits) de tu equipo. [color=#FF8C00][size=1] ¿Cómo saber si mi Windows es de 32 o 64 bits.?[/size][/color]

• Ejecuta FRST.exe.
• En el mensaje de la ventana del Disclaimer, pulsamos Yes
• En la ventana principal pulsamos en el botón Scan y esperamos a que concluya el proceso.
• Se abrirán dos(2) archivos(Logs), Frst.txt y Addition.txt, estos quedaran grabados en el escritorio.

Pon los dos reportes generados.

Debes copiarlos y pegarlos con todo su contenido y usaras varios mensajes si recibes un mensaje de error indicando que es muy largo(mas de 50.000 caracteres aprox.).

Un saludo

Hola Daniela.

En primer lugar, disculpa por el despiste a la hora de seleccionar el tipo de Análisis en MalwareBytes. He vuelto a realizar el Análisis (Personalizado) en MalwareBytes y obtengo lo siguiente:

He tenido que dividir el mensaje en 4:

Primer Mensaje

Malwarebytes
www.malwarebytes.com

-Detalles del registro-
Fecha del análisis: 16/6/19
Hora del análisis: 19:59
Archivo de registro: 6c70cd24-9060-11e9-ba61-4ccc6afe8e76.json

-Información del software-
Versión: 3.7.1.2839
Versión de los componentes: 1.0.586
Versión del paquete de actualización: 1.0.11080
Licencia: Prueba

-Información del sistema-
SO: Windows 10 (Build 17134.829)
CPU: x64
Sistema de archivos: NTFS
Usuario: QRROPPGO\Usuario

-Resumen del análisis-
Tipo de análisis: Análisis personalizado
Análisis iniciado por:: Manual
Resultado: Completado
Objetos analizados: 1571889
Amenazas detectadas: 71
Amenazas en cuarentena: 71
Tiempo transcurrido: 3 hr, 31 min, 17 seg
[/details]


-Opciones de análisis-
Memoria: Activado
Inicio: Activado
Sistema de archivos: Activado
Archivo: Activado
Rootkits: Activado
Heurística: Activado
PUP: Detectar
PUM: Detectar

-Detalles del análisis-
Proceso: 0
(No hay elementos maliciosos detectados)

Módulo: 0
(No hay elementos maliciosos detectados)

Clave del registro: 0
(No hay elementos maliciosos detectados)

Valor del registro: 0
(No hay elementos maliciosos detectados)

Datos del registro: 0
(No hay elementos maliciosos detectados)

Secuencia de datos: 0
(No hay elementos maliciosos detectados)

Carpeta: 0
(No hay elementos maliciosos detectados)

Archivo: 71
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\FORNOISE.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\TILES_4X4.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\FRCNOISE.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\TILES_8X4.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\CLUMPY_TURF4_NML.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\GRASS_GRN_BRN_DRY_TRN.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\CRPNOISE.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\NATNOISE.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\GRASS_DIRT_GREENISH_ALB.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\DECAL_LF_1024.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\GAMES\X-PLANE 11\RESOURCES\DEFAULT SCENERY\1000 WORLD TERRAIN\TEXTURES10\SHARED\RGBA_DECAL_LONG_GRASS_ALPHA_GRAVEL_512.ZIP, En cuarentena, [750], [647956],1.0.11080
CrackTool.Agent, C:\PROGRAM FILES\ADOBE\ADOBE LIGHTROOM CLASSIC\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6087], [445980],1.0.11080
HackTool.FilePatch, C:\PROGRAM FILES\ADOBE\ADOBE LIGHTROOM CLASSIC\ADOBE.PHOTOSHOP.CC.2019.[X64]-MPT.EXE, En cuarentena, [7703], [281135],1.0.11080
CrackTool.Agent, C:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP CC 2019\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6087], [445980],1.0.11080
HackTool.FilePatch, C:\PROGRAM FILES\ADOBE\ADOBE PHOTOSHOP CC 2019\ADOBE.PHOTOSHOP.CC.2019.[X64]-MPT.EXE, En cuarentena, [7703], [281135],1.0.11080
CrackTool.Agent, C:\PROGRAM FILES\ADOBE\ADOBE LIGHTROOM CLASSIC CC\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6087], [445980],1.0.11080
Trojan.Downloader, C:\PROGRAM FILES\ADOBE\ADOBE LIGHTROOM CLASSIC\ADOBE CC 2019 ZER0COD3 PATCHER.EXE, En cuarentena, [521], [614639],1.0.11080
CrackTool.Agent, C:\PROGRAM FILES (X86)\ADOBE\ACROBAT DC\ACROBAT\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6087], [445980],1.0.11080
Trojan.Dropper, C:\PROGRAM FILES (X86)\MICROSOFT OFFICE\ROOT\VFS\PROGRAMFILESX86\MICROSOFT SQL SERVER\130\SHARED\MSASXPRESS.ZIP, En cuarentena, [750], [647956],1.0.11080
Generic.Malware/Suspicious, C:\USERS\USUARIO\APPDATA\ROAMING\MICROSOFT\SYSTEMCERTIFICATES\MY\CTLS\7ZIPARCHIVER\TRZD287.TMP, En cuarentena, [0], [392686],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMCCPHR.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMECFM.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEDICAPICCPS.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEAPIS.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMECFMPS.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEFILES.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMELM.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMESEARCH.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMETIP.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\MSCAND20.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEPADSM.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMESEARCHDLL.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEWDBLD.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEBROKERPS.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMECFMUI.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMEPADSV.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMESEARCHPS.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Dropper, C:\WINDOWS\SYSWOW64\IME\SHARED\IMJKAPI.ZIP, En cuarentena, [750], [647956],1.0.11080
Trojan.Downloader, E:\DESCARGAS\ZER0C0D3.PTC.AP.ZENTINELS\ADOBE CC 2019 ZER0COD3 PATCHER.EXE, En cuarentena, [521], [614639],1.0.11080
Trojan.Downloader, E:\DESCARGAS\ZER0C0D3.PTC.AP.ZENTINELS.RAR, En cuarentena, [521], [614639],1.0.11080
Generic.Malware/Suspicious, E:\DESCARGAS\COREL.PINNACLE.STUDIO.ULTIMATE.V18.1.MULTILINGUAL.X64.INCL.KEYMAKER-CORE\COREL.PINNACLE.STUDIO.ULTIMATE.V18.1.MULTILINGUAL.X64.INCL.KEYMAKER-CORE\KEYGEN.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS DOCUMENTOS\DOCUMENTACIóN\FORMACIóN\GRADO EN INGENIERíA INFORMáTICA DE COMPUTADORES\SETR2\PRáCTICAS\MATERIAL ADICIONAL\EJEMPLOS Y LIBRERIAS\OPEN407I-C\ETH\TOOL\PC_SOFTWARE\TFTPD32-3.51-SETUP.EXE, En cuarentena, [0], [392686],1.0.11080
CrackTool.Agent, E:\MIS PROGRAMAS\EDICION\IMáGENES\ADOBE PHOTOSHOP CC 2017 64-BIT\ACTIVADOR DEL PHOTOSHOP CC 2017\AMTEMU.V0.9.2-PAINTER.EXE, En cuarentena, [6087], [445980],1.0.11080
HackTool.FilePatch, E:\MIS PROGRAMAS\EDICION\IMáGENES\ADOBE.PHOTOSHOP.CC.2019.PATCH-MPT\ADOBE.PHOTOSHOP.CC.2019.[X64]-MPT.EXE, En cuarentena, [7703], [281135],1.0.11080
PUP.Optional.Spigot, E:\MIS PROGRAMAS\EDICION\SONIDO\FRPSETUP.EXE, En cuarentena, [163], [300859],1.0.11080
RiskWare.Tool.CK, E:\MIS PROGRAMAS\SISTEMA\DEEP FREEZE STANDARD 8.60.020.4589\KEYGEN 2015\KEYGEN 2015\KEYGEN.EXE, En cuarentena, [7564], [33379],1.0.11080
PUP.Optional.InstallCore.Generic, E:\MIS PROGRAMAS\REDES\ATUBE_CATCHER_7986.EXE, En cuarentena, [560], [621110],1.0.11080
RiskWare.HackTool, E:\MIS PROGRAMAS\HARDWARE\DRIVERS\DRIVER EASY PROFESSIONAL 5.6.7.42416 FULL WITH CRACK.RAR, En cuarentena, [7773], [558912],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\[BAGAS31] KMSPICO 10.2.0 FINAL ACTIVATOR\KMSPICO 10.2.0 FINAL.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 10.2.0 FINAL\KMSPICO PORTABLE\KMSELDI.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 10.2.0 FINAL.ZIP, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\[BAGAS31] KMSPICO 10.2.0 FINAL ACTIVATOR.ZIP, En cuarentena, [0], [392686],1.0.11080
RiskWare.Tool.CK, E:\MIS PROGRAMAS\SISTEMA\ÚTILIDADES\SCOOTER.SOFTWARE.BEYOND.COMPARE.PRO.V4.1.3.20814.INCL.PATCH.AND.KEYMAKER-ZWT.RAR, En cuarentena, [7564], [33379],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 10.2.0 FINAL\KMSPICO 10.2.0 FINAL\KMSPICO PORTABLE\AUTOPICO.EXE, En cuarentena, [0], [392686],1.0.11080
HackTool.FilePatch, E:\MIS PROGRAMAS\VARIOS\WONDERSHARE VIDEO CONVERTER ULTIMATE 7.3.0.3 MULTILANGUAGE\WONDERSHARE.VIDEO.CONVERTER.ULTIMATE.6.X-PATCH.EXE, En cuarentena, [7703], [281135],1.0.11080
HackTool.WpaKill, E:\MIS PROGRAMAS\SISTEMA\HACK\REMOVEWAT 2.2.6.RAR, En cuarentena, [8424], [75683],1.0.11080
Trojan.Dropper, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 11 FINAL 2018 (OFFICE 2016 AND WINDOWS 10+8+7 ACTIVATOR) JM20352 COL.ZIP, En cuarentena, [750], [647956],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\ÚTILIDADES\WONDERSHARE DATA RECOVERY 4.1.1.1 + PATCH.RAR, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 10.2.0 FINAL\KMSPICO PORTABLE\AUTOPICO.EXE, En cuarentena, [0], [392686],1.0.11080
RiskWare.Tool.CK, E:\MIS PROGRAMAS\SISTEMA\ÚTILIDADES\SCOOTER.SOFTWARE.BEYOND.COMPARE.PRO.V4.1.3.20814.INCL.PATCH.AND.KEYMAKER-ZWT\SCOOTER.SOFTWARE.BEYOND.COMPARE.PRO.V4.1.3.20814.INCL.PATCH.AND.KEYMAKER-ZWT\KEYGEN.EXE, En cuarentena, [7564], [33379],1.0.11080
Trojan.MalPack.NSPack, E:\MIS PROGRAMAS\SISTEMA\ÚTILIDADES\PRINTMAESTRO_PORT\MAESTRO4.DLL, En cuarentena, [14242], [278740],1.0.11080
HackTool.FilePatch, E:\MIS PROGRAMAS\VARIOS\WONDERSHARE VIDEO CONVERTER ULTIMATE 7.3.0.3 MULTILANGUAGE\WONDERSHARE.VIDEO.CONVERTER.ULTIMATE.6.X-PATCH.RAR, En cuarentena, [7703], [281135],1.0.11080
Generic.Malware/Suspicious, C:\USERS\USUARIO\GOOGLE DRIVE ([email protected])\SAFABP\PROGRAMACIóN\ÚTILES\FILEZILLA_3.3.2.1_WIN32-SETUP.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\EDICION\TEXTO\OFFICE\OFFICE 2016\ACTIVADORES\KMSAUTO LITE PORTABLE V1.2.1\KMSAUTO LITE PORTABLE V1.2.1\KMSAUTO.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\EDICION\TEXTO\OFFICE\OFFICE 2016\ACTIVADORES\KMSAUTO LITE PORTABLE V1.2.1.ZIP, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\EDICION\TEXTO\PDF'S\PDFCREATOR_0_9_9.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\CHROMEPASS.ZIP, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\VARIOS\PSEINT-W32-20181009.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 10.2.0 FINAL\KMSPICO 10.2.0 FINAL\KMSPICO INSTALL\KMSPICO_SETUP.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\SISTEMA\HACK\KMSPICO 10.2.0 FINAL\KMSPICO INSTALL\KMSPICO_SETUP.EXE, En cuarentena, [0], [392686],1.0.11080
Generic.Malware/Suspicious, E:\MIS PROGRAMAS\EDICION\TEXTO\OFFICE\OFFICE 2016\ACTIVADORES\KMSAUTO NET 2015 V1.3.9 PORTABLE.ZIP, En cuarentena, [0], [392686],1.0.11080

Sector físico: 0
(No hay elementos maliciosos detectados)

WMI: 0
(No hay elementos maliciosos detectados)


(end)

A siguiendo los pasos que me indicaste ejecuto FRST64.exe y obtengo lo siguiente:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2019
Ran by Usuario (administrator) on QRROPPGO (MSI MS-7A70) (17-06-2019 00:51:27)
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Platform: Windows 10 Pro Version 1803 17134.829 (X64) Language: Español (España, internacional)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.46.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\74.4.115\QtWebEngineProcess.exe
(Dropbox, Inc -> The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\74.4.115\QtWebEngineProcess.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Google LLC -> ) C:\Program Files\Google\Drive\googledrivesync.exe
(Guillemot Corporation -> Thrustmaster®) C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett Packard -> Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ICEpower a/s -> ICEpower) C:\Windows\System32\ICEsoundService64.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Extreme Tuning Utility -> Intel(R) Corporation) C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
(Intel(R) Software Development Products -> Intel Corporation) C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1902.2-0\MpCmdRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.760_none_eaef1a361d71e348\TiWorker.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\Live Update.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\EyeRest.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\TriggerModeMonitor.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\VideoCardMonitorII.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\Mystic Light\Mystic Light.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.) C:\Program Files (x86)\MSI\Mystic Light\MysticLight_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD. -> MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [262024 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9270776 2019-04-01] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2622520 2019-05-19] (Adobe Inc. -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810288 2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [5576512 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [Mystic Light] => C:\Program Files (x86)\MSI\Mystic Light\Mystic Light.exe [3098808 2018-04-16] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [759120 2015-04-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> )
HKLM-x32\...\Run: [X_Boost] => C:\Program Files (x86)\MSI\MSI X Boost\X_Boost.exe [4260000 2018-08-28] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1028280 2017-11-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Live Update] => C:\Program Files (x86)\MSI\Live Update\Live Update.exe [26279088 2019-05-10] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [835760 2019-04-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2137744 2016-10-08] (Wondershare software CO., LIMITED -> Wondershare)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1638129444-2534472759-115848258-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46956792 2019-05-22] (Google LLC -> )
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.90\Installer\chrmstp.exe [2019-06-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-07-05]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett Packard -> Hewlett-Packard Co.)
BootExecute: autocheck autochk * sh4native 7099
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {068A77F8-C3B9-426B-BC1E-9EA4E5DD2985} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648048 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1327AC40-31B0-490F-A9CD-CDC9F0438D7C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
Task: {17ED3CC2-C7AC-4782-B2B7-ADC4FA50D9F2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [1454592 2018-09-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {18AF2590-EF1F-49AD-95C5-1F9EA26D4171} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112664 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {2E2C1C49-DF97-4364-ACF1-6FB3E58F452A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {31346DA4-614E-4A17-B791-B6335E55601E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448480 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {354B136D-46E6-4F21-9C99-8CF97B886098} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-15] (Google Inc -> Google LLC)
Task: {38C69AA3-CAF0-4058-A1FE-2643A509921B} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {45D029DF-98CA-48A0-A86E-E6460AD96016} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {466CD61B-B3F8-4201-B378-B0ED51098E93} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16664352 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {4CADDF62-99C5-4BEF-96CA-B30B3E79B0B3} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {4E23D1E7-A78A-4DFF-8026-BEAD60DE7C7B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4FA1AC81-DE1C-4BC1-A20E-8121A0FD4096} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3728752 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {50B7F71A-DABD-4EBA-8805-94BB4C066EF7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2281944 2019-06-04] (AVAST Software s.r.o. -> AVAST Software)
Task: {5AE5EC2D-B244-43BD-8F45-FFD22E99E22B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470824 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B96CBF3-301A-46CB-8A73-C8953C247E58} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5EDEE408-9DA6-4C0D-8DC6-DFB568739FD1} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2934152 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
Task: {61E09866-2FE8-48E2-BDC2-59533B66580D} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {6687DE53-0AAF-473A-88D3-D2666D3C2DC4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {6C019A5C-54F5-4216-ADCF-8D987DA58EFB} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6E8696E2-212B-4831-A800-B0B16680ACAD} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
Task: {6F617B39-D227-4D19-8801-092376A2A3BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26167288 2019-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {995D7996-82DD-4A14-9EEE-37FA4CD9F6D1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-01-31] () [File not signed]
Task: {9E2A39A3-5C2F-4AE0-B335-477A1EC5EC2A} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9E76E6FE-2619-4AC4-BFDD-EE2396DD753D} - System32\Tasks\Sk1948Pl => C:\Users\Usuario\AppData\Local\prunld8080\he9025.exe
Task: {A61C344D-FFE3-44EF-972D-1CC0FD80130A} - System32\Tasks\AdobeGCInvoker-1.0-QRROPPGO-Usuario => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {A894A6A2-D255-418C-B96F-4BE4B135B911} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-06-15] (Google Inc -> Google LLC)
Task: {AD93BF8A-8E12-4DE9-8343-4066993ABAC9} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [876912 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7B48124-04B0-4ADB-A8E3-3FF1672CACCE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1448480 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {C69E6B5F-9226-4955-A276-5416F81D1B8D} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\IntelPTTEKRecertification.exe [814872 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {CC66E504-9B2E-4925-8FD4-FE60E8EE0A86} - System32\Tasks\Intel\Intel Telemetry 2 (x86) => C:\Program Files (x86)\Intel\Telemetry 2.0\lrio.exe [1328392 2015-11-20] (Intel(R) Software -> Intel Corporation)
Task: {CEF70165-0DC2-4BF2-A5B3-F757FF619468} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4470824 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D838E21D-F21C-4742-8E4E-5E146D7F2010} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-09-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {DF6F9927-2E35-4CCA-B4FB-7D92044C6FC1} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-04] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E2527EC2-AC49-4BCF-BBB3-A619E3259CA9} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112664 2019-06-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E7029380-08B8-4769-9835-932EF4F62BE1} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849264 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED24D046-F848-47AD-8AB4-B237261EBEF9} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [590704 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB35D4D2-DE0E-488A-AAFC-3744FA88D9CF} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: 127.0.0.1 platform.wondershare.com
Tcpip\..\Interfaces\{e83b853e-fad1-4836-ade7-a9884d87d166}: [NameServer] 8.8.8.8,8.8.4.4,95.216.188.196,116.203.6.218,8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1638129444-2534472759-115848258-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = 
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-06-03] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: ff8foa70.default-1560584969784
FF ProfilePath: C:\Users\Usuario\AppData\Roaming\Mozilla\Firefox\Profiles\ff8foa70.default-1560584969784 [2019-06-16]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-10-06]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-06] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-06-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-05-19] (Adobe Inc. -> Adobe Systems)

Chrome: 
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default [2019-06-16]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-15]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-15]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-15]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-15]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2019-06-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-15]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-15]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-15]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-15]
CHR Extension: (AdBlock) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-16]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-15]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-15]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-15]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-06-16]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-06-16]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-16]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-16]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-16]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-16]
CHR Extension: (Chrome RDP) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cbkkbcmdlboombapidmoeolnmdacpkch [2019-06-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-16]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-16]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-16]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-16]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-06-16]
CHR Extension: (Office Online) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2019-06-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-16]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2 [2019-06-16]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-16]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-16]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-16]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-16]
CHR Extension: (Google Cast for Education) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bnmgbcehmiinmmlmepibeeflglhbhlea [2019-06-16]
CHR Extension: (uBlock Origin) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-06-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-16]
CHR Extension: (Avast SafePrice | Comparaciones, ofertas y cupones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-16]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-16]
CHR Extension: (AdBlock) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2019-06-16]
CHR Extension: (Avast Online Security) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-06-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-16]
CHR Extension: (Captura de página completa - FireShot) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2019-06-16]
CHR Extension: (Office Online) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ndjpnladcallmjemlbaebfadecfhkepb [2019-06-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-16]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]
CHR Extension: (Add MY Documents) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\plmanjiaoflhcilcfdnjeffklbgejmje [2019-06-16]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3 [2019-06-16]
CHR Extension: (Presentaciones) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-06-16]
CHR Extension: (Documentos) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2019-06-16]
CHR Extension: (Google Drive) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-06-16]
CHR Extension: (YouTube) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-06-16]
CHR Extension: (Adobe Acrobat) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-06-16]
CHR Extension: (Hojas de cálculo) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-06-16]
CHR Extension: (Documentos de Google sin conexión) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-06-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-06-16]
CHR Extension: (Sistema de pagos de Chrome Web Store) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-06-16]
CHR Extension: (Gmail) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]
CHR Profile: C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\System Profile [2019-06-16]
CHR HKU\S-1-5-21-1638129444-2534472759-115848258-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [816184 2019-05-19] (Adobe Inc. -> Adobe Inc.)
R2 AESMService; C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [3089680 2017-11-12] (Intel(R) Software Development Products -> Intel Corporation)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6844776 2019-05-28] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [409224 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7206312 2018-07-17] (BattlEye Innovations e.K. -> )
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146224 2019-06-06] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-05] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-07-05] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-06-04] (Dropbox, Inc -> Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2017-03-22] (Digital Wave Ltd -> Digital Wave Ltd.)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [780928 2018-07-07] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 ICEsoundService; C:\WINDOWS\system32\ICEsoundService64.exe [806352 2018-11-29] (ICEpower a/s -> ICEpower)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [758552 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [719640 2018-03-02] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [205968 2017-12-03] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\MSIClockService_x64.exe [2669240 2018-01-12] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\MSICommService.exe [2343608 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\MSICPUService_x64.exe [2725048 2017-12-22] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSICTL_CC; C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe [2255544 2018-11-19] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\MSIDDRService.exe [2507960 2018-11-30] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\MSISMBService.exe [2136248 2018-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
S3 MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\MSISuperIOService.exe [2742968 2018-08-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_ActiveX_Service; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\MSI_ActiveX_Service.exe [86688 2018-07-25] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_DPCLTSERVICE; C:\Program Files (x86)\MSI\DPC Latency Tuner\DPCLT_Service.exe [2166968 2018-09-13] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [113336 2017-12-21] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2323120 2019-04-15] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_MYSTICLIGHTSERVICE; C:\Program Files (x86)\MSI\Mystic Light\MysticLight_Service.exe [2048696 2017-11-03] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star INT'L CO., LTD.)
R2 MSI_RAMDisk_Service; C:\Program Files (x86)\MSI\RAMDisk\MSI_RAMDisk_Service.exe [71840 2018-07-04] (MICRO-STAR INTERNATIONAL CO., LTD. -> Micro-Star Int'l Co., Ltd.)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [183480 2019-02-14] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [781680 2019-04-02] (NVIDIA Corporation -> NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11795800 2019-04-15] (TeamViewer GmbH -> TeamViewer GmbH)
R2 tmGAInstall; C:\Program Files (x86)\Thrustmaster\Thrustmaster FFB Driver\drivers\amd64\tmGAInstall.EXE [46208 2017-09-18] (Guillemot Corporation -> Thrustmaster®)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\NisSrv.exe [4098064 2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe [113992 2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [18264 2017-02-23] (Intel(R) Extreme Tuning Utility -> Intel(R) Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

Segundo Mensaje

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 12FC2A4E; C:\WINDOWS\System32\drivers\12FC2A4E.sys [478392 2019-06-15] (Kaspersky Lab -> Kaspersky Lab ZAO)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37104 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [207448 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [262496 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [205848 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [61472 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15488 2019-01-07] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [279120 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [167872 2019-06-06] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [112312 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87944 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1030784 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [477584 2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [225608 2019-06-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [385880 2019-05-30] (AVAST Software s.r.o. -> AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Hewlett-Packard Company -> Windows (R) Win 7 DDK provider)
S3 dot4usb; C:\WINDOWS\system32\DRIVERS\dot4usb.sys [49056 2012-09-25] (Hewlett-Packard Company -> Microsoft Corporation)
R2 ei2c; C:\Windows\system32\drivers\ei2c.sys [20784 2017-07-10] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
R1 ibinldr; C:\WINDOWS\System32\drivers\ibinldr.sys [129120 2019-05-23] (ANAX CORP LIMITED -> ) [File not signed]
R2 iocbios2; C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [37064 2016-08-24] (Intel Corporation -> Intel Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [199768 2019-06-16] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [274416 2019-06-16] (Malwarebytes Corporation -> Malwarebytes)
R2 mi2c; C:\Windows\system32\drivers\mi2c.sys [20784 2017-07-10] (AOC International (Europe) GmbH -> Nicomsoft Ltd.)
S3 NTIOLib_ACTIVE_X; C:\Program Files (x86)\MSI\MSI OC Kit\ActiveX_Service\NTIOLib_X64.sys [14288 2017-08-23] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_DPC; C:\Program Files (x86)\MSI\DPC Latency Tuner\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [14288 2017-03-29] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 NTIOLib_MysticLight; C:\Program Files (x86)\MSI\Mystic Light\Lib\NTIOLib_X64.sys [14288 2017-05-24] (MICRO-STAR INTERNATIONAL CO., LTD. -> MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_ed316ebc2bdc1c66\nvlddmkm.sys [21657024 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-03-28] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69840 2019-03-19] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2019-04-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 RAMDriv; C:\WINDOWS\system32\DRIVERS\ramdriv.sys [86936 2016-03-10] (Christiaan GHIJSELINCK -> Micro-Star Int'l Co., Ltd.)
R2 RAMDriv; C:\Windows\SysWOW64\DRIVERS\ramdriv.sys [86936 2016-03-10] (Christiaan GHIJSELINCK -> Micro-Star Int'l Co., Ltd.)
S3 Rockusb; C:\WINDOWS\System32\drivers\rockusb.sys [69920 2016-04-01] (Fuzhou Rockchip Electronics Co., Ltd. -> Fuzhou Rockchip Electronics Co,Ltd.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1026896 2018-03-20] (Realtek Semiconductor Corp. -> Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [334776 2016-11-02] (silex technology, Inc. -> silex technology, Inc.)
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2018-05-16] (TunnelBear, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46472 2019-04-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [333792 2019-04-07] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62432 2019-04-07] (Microsoft Windows -> Microsoft Corporation)
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-17 00:51 - 2019-06-17 00:52 - 000054299 _____ C:\Users\Usuario\Desktop\FRST.txt
2019-06-17 00:50 - 2019-06-17 00:50 - 000011843 _____ C:\Users\Usuario\Desktop\MBM8.txt
2019-06-17 00:46 - 2019-06-17 00:46 - 000012766 _____ C:\Users\Usuario\Desktop\MBM7.txt
2019-06-16 19:57 - 2019-06-16 19:57 - 000199768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2019-06-16 19:53 - 2019-06-16 19:53 - 002418688 _____ (Farbar) C:\Users\Usuario\Desktop\FRST64.exe
2019-06-16 19:45 - 2019-06-16 19:55 - 000274416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2019-06-16 11:05 - 2019-06-16 11:04 - 000002103 _____ C:\Users\Usuario\Desktop\AdwCleaner[S08].txt
2019-06-16 11:02 - 2019-06-16 11:02 - 000002200 _____ C:\Users\Usuario\Desktop\MWB1.txt
2019-06-16 10:36 - 2019-06-16 10:40 - 000001988 _____ C:\Users\Usuario\Desktop\Google Drive.lnk
2019-06-16 10:32 - 2019-06-16 10:32 - 000002478 _____ C:\Users\Usuario\Desktop\qrroppgo - Chrome.lnk
2019-06-16 10:29 - 2019-06-16 10:29 - 000002478 _____ C:\Users\Usuario\Desktop\eci.safanet.es - Chrome.lnk
2019-06-16 10:28 - 2019-06-16 10:30 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome
2019-06-16 10:27 - 2019-06-16 10:27 - 000002478 _____ C:\Users\Usuario\Desktop\fundacionsafa.es - Chrome.lnk
2019-06-16 10:27 - 2019-06-16 10:27 - 000002434 _____ C:\Users\Usuario\Desktop\Francisco Javier - Chrome.lnk
2019-06-15 20:44 - 2019-06-15 20:44 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Google
2019-06-15 20:35 - 2019-06-15 20:35 - 000000000 ____D C:\Users\Usuario\AppData\Local\ESET
2019-06-15 20:15 - 2019-06-17 00:49 - 000002344 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-15 20:15 - 2019-06-17 00:49 - 000002332 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-06-15 20:15 - 2019-06-15 20:30 - 000000000 ____D C:\Users\Usuario\AppData\Local\Google
2019-06-15 20:01 - 2019-06-15 22:00 - 000128884 _____ C:\WINDOWS\ZAM.krnl.trace
2019-06-15 20:01 - 2019-06-15 22:00 - 000000000 ____D C:\Users\Usuario\AppData\Local\AMSDK
2019-06-15 20:01 - 2019-06-15 20:01 - 000000000 ____D C:\Users\Usuario\AppData\Local\Zemana
2019-06-15 20:01 - 2019-06-15 20:01 - 000000000 ____D C:\Program Files (x86)\Zemana
2019-06-15 19:54 - 2019-06-15 19:56 - 000000000 ____D C:\ProgramData\HitmanPro
2019-06-15 19:49 - 2019-06-15 19:49 - 000002580 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype Empresarial.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002512 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002494 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000002439 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-06-15 19:49 - 2019-06-15 19:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Herramientas de Microsoft Office
2019-06-15 13:40 - 2019-06-15 22:01 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\ZHP
2019-06-15 13:34 - 2019-06-15 13:40 - 000000000 ____D C:\Users\Usuario\AppData\Local\ZHP
2019-06-15 12:34 - 2019-06-15 12:34 - 000478392 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\12FC2A4E.sys
2019-06-15 12:34 - 2019-06-15 12:34 - 000000000 ____D C:\KVRT_Data
2019-06-15 12:30 - 2019-06-17 00:51 - 000000000 ____D C:\FRST
2019-06-15 12:19 - 2019-06-15 14:04 - 000000000 ___HD C:\PanQkqyWevuqOJ0b
2019-06-15 11:13 - 2019-06-15 11:13 - 000000000 __SHD C:\AppCache
2019-06-15 10:28 - 2019-06-15 20:15 - 000000000 ____D C:\Program Files (x86)\Google
2019-06-15 10:28 - 2019-06-15 10:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\Deployment
2019-06-15 10:28 - 2019-06-15 10:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\Apps\2.0
2019-06-14 21:09 - 2019-06-14 21:09 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\25B497A6.sys
2019-06-14 21:00 - 2019-06-14 21:04 - 000153328 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-06-14 21:00 - 2019-06-14 21:00 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-06-14 21:00 - 2019-06-14 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-06-14 21:00 - 2019-02-01 11:20 - 000020936 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2019-06-14 20:21 - 2019-06-14 20:54 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-06-13 21:33 - 2019-06-13 21:33 - 000000856 _____ C:\Users\Usuario\Desktop\Graduación.lnk
2019-06-12 10:59 - 2019-06-12 11:02 - 000000000 ____D C:\Users\Usuario\AppData\Local\Pinnacle_Studio_18
2019-06-12 10:59 - 2019-06-12 10:59 - 000001999 _____ C:\Users\Public\Desktop\Pinnacle Studio 18.lnk
2019-06-12 10:59 - 2019-06-12 10:59 - 000001947 _____ C:\Users\Public\Desktop\Pinnacle Studio Training.lnk
2019-06-12 10:59 - 2019-06-12 10:59 - 000000000 ____D C:\Program Files (x86)\Pinnacle
2019-06-12 10:54 - 2019-06-12 10:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Studio 18
2019-06-12 10:54 - 2019-06-12 10:58 - 000000000 ____D C:\Program Files\Pinnacle
2019-06-12 10:54 - 2019-06-12 10:54 - 000000000 ____D C:\Users\Usuario\Desktop\PinnacleStudioSetup
2019-06-11 19:32 - 2019-06-07 13:04 - 021388752 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-11 19:32 - 2019-06-07 13:04 - 001633136 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-11 19:32 - 2019-06-07 12:48 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-06-11 19:32 - 2019-06-07 12:47 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-11 19:32 - 2019-06-07 12:45 - 012756480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-11 19:32 - 2019-06-07 12:42 - 003613696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-11 19:32 - 2019-06-07 12:41 - 004055552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-11 19:32 - 2019-06-07 12:40 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-11 19:32 - 2019-06-07 12:40 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-11 19:32 - 2019-06-07 12:23 - 001453920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-11 19:32 - 2019-06-07 12:19 - 020383832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-11 19:32 - 2019-06-07 12:10 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-11 19:32 - 2019-06-07 12:07 - 011942400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-11 19:32 - 2019-06-07 12:04 - 004056064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-11 19:32 - 2019-06-07 12:04 - 002881536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-11 19:32 - 2019-06-07 12:04 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-11 19:32 - 2019-06-07 08:07 - 000707384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-11 19:32 - 2019-06-07 08:01 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-11 19:32 - 2019-06-07 07:58 - 001220112 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-11 19:32 - 2019-06-07 07:58 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-11 19:32 - 2019-06-07 07:58 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-11 19:32 - 2019-06-07 07:58 - 000422416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-11 19:32 - 2019-06-07 07:58 - 000135176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-11 19:32 - 2019-06-07 07:58 - 000076304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 002811192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 001209696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 000792888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 000709728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 000594024 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-11 19:32 - 2019-06-07 07:57 - 000494304 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 000435000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 000170296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-06-11 19:32 - 2019-06-07 07:57 - 000148280 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-11 19:32 - 2019-06-07 07:57 - 000137448 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-06-11 19:32 - 2019-06-07 07:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-11 19:32 - 2019-06-07 07:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-06-11 19:32 - 2019-06-07 07:47 - 000380432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-11 19:32 - 2019-06-07 07:47 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 006569344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 000581048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 000357072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-11 19:32 - 2019-06-07 07:46 - 000128792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-11 19:32 - 2019-06-07 07:38 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-11 19:32 - 2019-06-07 07:37 - 022019584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-11 19:32 - 2019-06-07 07:31 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-11 19:32 - 2019-06-07 07:27 - 022718976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-11 19:32 - 2019-06-07 07:24 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-11 19:32 - 2019-06-07 07:24 - 003400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-11 19:32 - 2019-06-07 07:24 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2019-06-11 19:32 - 2019-06-07 07:23 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-11 19:32 - 2019-06-07 07:23 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-06-11 19:32 - 2019-06-07 07:23 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-06-11 19:32 - 2019-06-07 07:22 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-06-11 19:32 - 2019-06-07 07:22 - 003710976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-11 19:32 - 2019-06-07 07:22 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-11 19:32 - 2019-06-07 07:22 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-11 19:32 - 2019-06-07 07:22 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-11 19:32 - 2019-06-07 07:21 - 007588864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-11 19:32 - 2019-06-07 07:21 - 004866048 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-11 19:32 - 2019-06-07 07:21 - 001778688 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-11 19:32 - 2019-06-07 07:21 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-11 19:32 - 2019-06-07 07:21 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-11 19:32 - 2019-06-07 07:21 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-11 19:32 - 2019-06-07 07:20 - 002610688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-11 19:32 - 2019-06-07 07:20 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2019-06-11 19:32 - 2019-06-07 07:20 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-11 19:32 - 2019-06-07 07:20 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-06-11 19:32 - 2019-06-07 07:19 - 003212288 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-11 19:32 - 2019-06-07 07:19 - 002175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-11 19:32 - 2019-06-07 07:19 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-11 19:32 - 2019-06-07 07:19 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-11 19:32 - 2019-06-07 07:19 - 000778240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-11 19:32 - 2019-06-07 07:19 - 000369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-11 19:32 - 2019-06-07 07:18 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-11 19:32 - 2019-06-07 07:18 - 000686592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-11 19:32 - 2019-06-07 07:18 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-11 19:32 - 2019-06-07 07:17 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-11 19:32 - 2019-06-07 07:17 - 000961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-11 19:32 - 2019-06-07 07:17 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-11 19:32 - 2019-06-07 07:16 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-11 19:32 - 2019-06-07 07:16 - 000544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-11 19:32 - 2019-06-07 07:16 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-11 19:32 - 2019-06-07 06:00 - 000001308 _____ C:\WINDOWS\system32\tcbres.wim
2019-06-11 19:32 - 2019-05-19 00:12 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-11 19:32 - 2019-05-19 00:12 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-11 19:32 - 2019-05-19 00:12 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-11 19:32 - 2019-05-19 00:12 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-11 19:32 - 2019-05-17 14:44 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-11 19:32 - 2019-05-17 14:40 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2019-06-11 19:32 - 2019-05-17 14:40 - 000280888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-11 19:32 - 2019-05-17 14:27 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-11 19:32 - 2019-05-17 14:26 - 004393984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-06-11 19:32 - 2019-05-17 14:25 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-06-11 19:32 - 2019-05-17 14:25 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-06-11 19:32 - 2019-05-17 14:25 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-06-11 19:32 - 2019-05-17 14:24 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-06-11 19:32 - 2019-05-17 14:23 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-06-11 19:32 - 2019-05-17 14:23 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-06-11 19:32 - 2019-05-17 14:23 - 000110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-11 19:32 - 2019-05-17 14:22 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-11 19:32 - 2019-05-17 14:22 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-11 19:32 - 2019-05-17 14:21 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-06-11 19:32 - 2019-05-17 14:21 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-06-11 19:32 - 2019-05-17 14:21 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-06-11 19:32 - 2019-05-17 14:21 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3gpui.dll
2019-06-11 19:32 - 2019-05-17 14:21 - 000221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-11 19:32 - 2019-05-17 14:20 - 002084864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-11 19:32 - 2019-05-17 14:20 - 001970688 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-06-11 19:32 - 2019-05-17 14:20 - 000725504 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2019-06-11 19:32 - 2019-05-17 14:20 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2019-06-11 19:32 - 2019-05-17 14:20 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-06-11 19:32 - 2019-05-17 14:19 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-11 19:32 - 2019-05-17 14:07 - 002206424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2019-06-11 19:32 - 2019-05-17 14:00 - 005658112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-11 19:32 - 2019-05-17 13:58 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-06-11 19:32 - 2019-05-17 13:58 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-06-11 19:32 - 2019-05-17 13:56 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-11 19:32 - 2019-05-17 13:56 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3gpui.dll
2019-06-11 19:32 - 2019-05-17 13:55 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-06-11 19:32 - 2019-05-17 13:55 - 000668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-11 19:32 - 2019-05-17 13:55 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2019-06-11 19:32 - 2019-05-17 13:55 - 000352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2019-06-11 19:32 - 2019-05-17 13:54 - 002016768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-11 19:32 - 2019-05-17 13:54 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-06-11 19:32 - 2019-05-17 11:33 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-06-11 19:32 - 2019-05-17 10:52 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-06-11 19:32 - 2019-05-17 09:07 - 000105272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-06-11 19:32 - 2019-05-17 08:44 - 000829960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-06-11 19:32 - 2019-05-17 08:44 - 000550520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-06-11 19:32 - 2019-05-17 08:43 - 000297688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 004789944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 002256560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 001989552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 001980256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 001620264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 001380096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 001130568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 000129088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2019-06-11 19:32 - 2019-05-17 08:42 - 000125504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-11 19:32 - 2019-05-17 08:30 - 013878784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-11 19:32 - 2019-05-17 08:26 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-11 19:32 - 2019-05-17 08:23 - 000074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-06-11 19:32 - 2019-05-17 08:23 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-11 19:32 - 2019-05-17 08:23 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-11 19:32 - 2019-05-17 08:22 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2019-06-11 19:32 - 2019-05-17 08:22 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-11 19:32 - 2019-05-17 08:21 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-06-11 19:32 - 2019-05-17 08:21 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-11 19:32 - 2019-05-17 08:21 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-11 19:32 - 2019-05-17 08:20 - 000366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-11 19:32 - 2019-05-17 08:20 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-06-11 19:32 - 2019-05-17 08:19 - 004515840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-11 19:32 - 2019-05-17 08:19 - 001630720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-11 19:32 - 2019-05-17 08:19 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-06-11 19:32 - 2019-05-17 08:19 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-11 19:32 - 2019-05-17 08:19 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2019-06-11 19:32 - 2019-05-17 08:19 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-11 19:32 - 2019-05-17 08:18 - 002796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-11 19:32 - 2019-05-17 08:18 - 001006592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-11 19:32 - 2019-05-17 08:18 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-06-11 19:32 - 2019-05-17 08:08 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-11 19:32 - 2019-05-17 08:08 - 000723432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-11 19:32 - 2019-05-17 08:08 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-11 19:32 - 2019-05-17 08:08 - 000401328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 004404720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 002768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 002467320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-11 19:32 - 2019-05-17 08:07 - 001288712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 001260272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-11 19:32 - 2019-05-17 08:07 - 000930616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-06-11 19:32 - 2019-05-17 08:07 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-11 19:32 - 2019-05-17 08:07 - 000260800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-06-11 19:32 - 2019-05-17 08:06 - 001943136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-06-11 19:32 - 2019-05-17 08:06 - 001784696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-06-11 19:32 - 2019-05-17 08:06 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-06-11 19:32 - 2019-05-17 08:06 - 001140992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-11 19:32 - 2019-05-17 08:06 - 001098056 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-06-11 19:32 - 2019-05-17 08:06 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-11 19:32 - 2019-05-17 08:06 - 000151888 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-11 19:32 - 2019-05-17 08:04 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-06-11 19:32 - 2019-05-17 08:00 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-06-11 19:32 - 2019-05-17 07:44 - 016597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-11 19:32 - 2019-05-17 07:38 - 004709376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-11 19:32 - 2019-05-17 07:37 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-11 19:32 - 2019-05-17 07:37 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2019-06-11 19:32 - 2019-05-17 07:37 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2019-06-11 19:32 - 2019-05-17 07:36 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-11 19:32 - 2019-05-17 07:36 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-06-11 19:32 - 2019-05-17 07:36 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-11 19:32 - 2019-05-17 07:36 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-11 19:32 - 2019-05-17 07:36 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-11 19:32 - 2019-05-17 07:36 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-11 19:32 - 2019-05-17 07:36 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-11 19:32 - 2019-05-17 07:35 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-06-11 19:32 - 2019-05-17 07:35 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-11 19:32 - 2019-05-17 07:35 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-06-11 19:32 - 2019-05-17 07:34 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-11 19:32 - 2019-05-17 07:34 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-11 19:32 - 2019-05-17 07:34 - 000671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-11 19:32 - 2019-05-17 07:34 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-11 19:32 - 2019-05-17 07:34 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-11 19:32 - 2019-05-17 07:34 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-06-11 19:32 - 2019-05-17 07:34 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-06-11 19:32 - 2019-05-17 07:34 - 000047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2019-06-11 19:32 - 2019-05-17 07:33 - 003091456 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-06-11 19:32 - 2019-05-17 07:33 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-11 19:32 - 2019-05-17 07:33 - 002370560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-11 19:32 - 2019-05-17 07:33 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-06-11 19:32 - 2019-05-17 07:33 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-11 19:32 - 2019-05-17 07:33 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-06-11 19:32 - 2019-05-17 07:33 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-11 19:32 - 2019-05-17 07:32 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2019-06-11 19:32 - 2019-05-17 07:32 - 000815104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 004937216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 003376640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 003293184 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 001805312 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 001383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 001211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 001027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 000620032 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-11 19:32 - 2019-05-17 07:31 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-11 19:32 - 2019-05-17 07:30 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-11 19:32 - 2019-05-17 07:30 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-06-11 19:32 - 2019-05-17 07:30 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-10 20:42 - 2019-06-10 20:42 - 000001153 _____ C:\Users\Usuario\Desktop\blender.lnk
2019-06-10 20:42 - 2019-06-10 20:42 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender
2019-06-10 20:42 - 2019-06-10 20:42 - 000000000 ____D C:\Users\Usuario\.thumbnails
2019-06-10 20:42 - 2019-06-10 20:42 - 000000000 ____D C:\Program Files\Blender Foundation
2019-06-10 20:17 - 2019-06-10 20:17 - 000000000 ____D C:\SmartSound Software
2019-06-10 20:17 - 2019-06-10 20:17 - 000000000 ____D C:\ProgramData\SmartSound Software Inc
2019-06-10 20:17 - 2019-06-10 20:17 - 000000000 ____D C:\Program Files (x86)\SmartSound Software
2019-06-10 20:17 - 1998-10-29 16:45 - 000306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2019-06-10 20:16 - 2019-06-10 20:27 - 000000012 _____ C:\WINDOWS\Ulead32.ini
2019-06-10 20:16 - 2019-06-10 20:16 - 000000000 ____D C:\Program Files (x86)\Windows Media Components
2019-06-10 20:16 - 2019-06-10 20:16 - 000000000 ____D C:\Program Files (x86)\Ulead Systems
2019-06-10 20:13 - 2019-06-10 20:13 - 000000000 ____D C:\Users\Usuario\.fontconfig
2019-06-10 20:12 - 2019-06-10 20:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\Movavi
2019-06-10 20:12 - 2019-06-10 20:12 - 000000000 ____D C:\Users\Usuario\AppData\Local\_Converter
2019-06-10 20:11 - 2019-06-10 20:11 - 000000016 _____ C:\ProgramData\mntemp
2019-06-10 20:11 - 2019-06-10 20:11 - 000000000 ____D C:\ProgramData\Movavi Video Converter 16
2019-06-10 20:11 - 2019-06-10 20:11 - 000000000 ____D C:\ProgramData\Movavi
2019-06-10 19:43 - 2019-06-10 19:43 - 000000000 ____D C:\ProgramData\Wondershare
2019-06-10 19:42 - 2019-06-10 19:42 - 000000993 _____ C:\Users\Public\Desktop\Wondershare Filmora.lnk
2019-06-10 19:42 - 2019-06-10 19:42 - 000000000 ____D C:\Users\Usuario\AppData\Local\Wondershare
2019-06-10 19:42 - 2019-06-10 19:42 - 000000000 ____D C:\ProgramData\Wondershare Video Editor
2019-06-10 19:42 - 2019-06-10 19:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2019-06-10 19:42 - 2019-06-10 19:42 - 000000000 ____D C:\Program Files\Wondershare
2019-06-10 19:42 - 2016-12-02 15:20 - 001250304 _____ (CineForm Inc.) C:\WINDOWS\system32\CFDecode64.ax
2019-06-09 09:06 - 2019-06-09 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2019-06-09 09:06 - 2019-06-09 09:06 - 000000000 ____D C:\Program Files\Google
2019-06-08 14:23 - 2019-06-08 14:23 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\2342841A.sys
2019-06-08 13:50 - 2019-06-08 13:50 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\17C79325.sys
2019-06-08 13:48 - 2019-06-15 15:24 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-06-08 13:36 - 2019-06-08 14:03 - 000000000 ____D C:\AdwCleaner
2019-06-08 13:31 - 2019-06-08 13:31 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbamtray
2019-06-08 13:31 - 2019-06-08 13:31 - 000000000 ____D C:\Users\Usuario\AppData\Local\mbam
2019-06-08 11:32 - 2019-06-08 11:35 - 000002166 _____ C:\Users\Usuario\AppData\Roaming\XAddonManager.plist
2019-06-07 19:28 - 2019-06-13 19:39 - 000002610 _____ C:\WINDOWS\System32\Tasks\Sk1948Pl
2019-06-07 19:28 - 2019-06-08 13:36 - 000000000 ____D C:\Users\Usuario\AppData\Local\prunld8080
2019-06-07 19:28 - 2019-06-08 11:28 - 000000000 __SHD C:\ProgramData\FlashSys
2019-06-07 19:28 - 2019-06-07 19:28 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-06-07 19:28 - 2019-06-07 19:28 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-06-07 19:28 - 2019-06-07 19:28 - 000000000 ___SH C:\Users\Usuario\AppData\Roaming\6
2019-06-07 19:28 - 2019-06-07 19:28 - 000000000 ____D C:\ProgramData\V5OK2JEQHXJWXH4BXOG48UCXO
2019-06-06 19:18 - 2019-06-06 19:18 - 000000000 ____D C:\ProgramData\Pinnacle Log Files
2019-06-05 20:01 - 2019-06-05 20:01 - 000000000 ____D C:\ProgramData\Pader
2019-06-05 20:00 - 2019-06-15 13:45 - 000000000 ____D C:\ProgramData\fb
2019-06-05 20:00 - 2019-06-07 19:28 - 000000000 ____D C:\ProgramData\Optimizer
2019-06-05 20:00 - 2019-06-05 20:00 - 000000000 ____D C:\ProgramData\Mail.Ru
2019-06-05 19:06 - 2019-06-05 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-06-04 20:33 - 2019-06-12 20:22 - 000003584 _____ C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-06-04 20:32 - 2019-06-16 10:44 - 000001899 _____ C:\Users\Usuario\AppData\Roaming\QRROPPGO.MTBF.txt
2019-06-04 20:32 - 2019-06-16 10:44 - 000000000 ____D C:\Users\Usuario\AppData\Local\Pinnacle
2019-06-04 20:32 - 2019-06-15 12:39 - 000000000 ____D C:\Users\Usuario\temp
2019-06-04 20:32 - 2019-06-06 19:21 - 000000000 ____D C:\ProgramData\Corel
2019-06-04 20:32 - 2019-06-04 20:32 - 000000000 ____D C:\Users\Usuario\AppData\Local\Corel
2019-06-04 20:30 - 2019-06-04 20:30 - 000000000 ____D C:\ProgramData\UniqueId
2019-06-04 20:29 - 2019-06-04 20:32 - 000000000 ____D C:\Users\Usuario\AppData\Local\Pinnacle_Studio_22
2019-06-04 20:24 - 2019-06-12 10:58 - 000000000 ____D C:\ProgramData\Pinnacle
2019-06-04 14:11 - 2019-06-04 14:11 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-06-04 14:11 - 2019-06-04 14:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-06-04 14:11 - 2019-06-04 14:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-06-04 14:11 - 2019-06-04 14:11 - 000047600 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-06-02 14:15 - 2019-06-02 14:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Speech SDK 5.1
2019-06-02 14:15 - 2019-06-02 14:15 - 000000000 ____D C:\Program Files (x86)\Microsoft Speech SDK 5.1
2019-06-02 10:26 - 2019-06-02 10:26 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic.lnk
2019-05-27 19:13 - 2019-02-13 07:47 - 001909560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-05-27 13:09 - 2019-05-27 13:09 - 000363400 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-26 19:46 - 2019-05-26 19:46 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2019.lnk
2019-05-25 14:10 - 2019-04-01 04:25 - 005347104 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 003445848 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 003340512 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 003335360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RltkAPO.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 003306712 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE2.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 003168496 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 002444792 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv201.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 002197872 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001971472 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001965288 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64AF3.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001788064 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001611064 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOv251gm.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001598504 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001596296 _____ (Harman International Industries, Incorporated.) C:\WINDOWS\system32\HarmanAPO64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001544360 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001516400 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001435032 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001396272 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001382128 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001372496 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001353424 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001337536 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaeapo64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001318960 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001287728 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyAPOvlldpgm.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001282656 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001259840 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001180656 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001110280 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001073776 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SECOMN32.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 001027936 _____ (Sound Research, Corp.) C:\WINDOWS\SysWOW64\SEHDHF32.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000965128 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000873352 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000852032 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tosasfapo64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000751408 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000734880 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000715752 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000692272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000604688 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\tossaemaxapo64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000541008 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000511752 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000467264 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000453384 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000452840 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000448712 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000447072 _____ (Toshiba Client Solutions Co., Ltd.) C:\WINDOWS\system32\toseaeapo64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000406560 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000392976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000381304 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000367720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64AF3.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000366224 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\HMAPO.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000360448 _____ (Harman) C:\WINDOWS\system32\HMClariFi.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000343816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\SysWOW64\SRCOM.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000341040 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000333120 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000327376 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000327376 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000316088 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64F3.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000278376 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000261344 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000261304 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000260320 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000232024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000230600 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000220496 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000218168 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000203968 _____ (Harman) C:\WINDOWS\system32\HMHVS.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ_Voice.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000191040 _____ (Harman) C:\WINDOWS\system32\HMEQ.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000179704 _____ (Harman) C:\WINDOWS\system32\HMLimiter.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000174832 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000158592 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000157448 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000139864 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000116648 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000094008 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000091024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000090280 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000088424 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000083728 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2019-05-25 14:10 - 2019-04-01 04:25 - 000075432 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 072520840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2019-05-25 14:10 - 2019-04-01 01:25 - 007178576 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 007101848 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 006270296 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64AF3.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 003677264 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2019-05-25 14:10 - 2019-04-01 01:25 - 003159904 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 002930256 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 001159288 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 000487576 _____ (Harman International Industries, Incorporated.) C:\WINDOWS\system32\HarmanAPOUI64.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 000416616 _____ (Harman) C:\WINDOWS\system32\HMUI.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 000378488 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 000266656 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2019-05-25 14:10 - 2019-04-01 01:25 - 000154464 _____ (Harman) C:\WINDOWS\system32\HarmanAudioInterface.dll
2019-05-25 14:10 - 2019-04-01 01:24 - 000122424 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2019-05-25 14:10 - 2019-04-01 01:24 - 000118696 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2019-05-25 14:10 - 2019-04-01 01:24 - 000105408 _____ C:\WINDOWS\system32\audioLibVc.dll
2019-05-25 14:10 - 2019-04-01 01:00 - 030251754 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-05-23 08:08 - 2019-05-23 08:08 - 000129120 ____N C:\WINDOWS\system32\Drivers\ibinldr.sys
2019-05-19 20:55 - 2019-05-19 20:55 - 000000000 ____D C:\Users\Usuario\AppData\Local\KutoolsforExcel
2019-05-19 20:52 - 2019-05-19 20:52 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Kutools for Excel
2019-05-19 20:51 - 2019-05-19 20:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2019-05-19 20:51 - 2019-05-19 20:51 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2019-05-19 19:35 - 2019-05-19 19:35 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\NVIDIA

Tercer Mensaje

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-06-17 00:50 - 2018-09-18 19:42 - 000000000 ___RD C:\Users\Usuario\Google Drive ([email protected])
2019-06-17 00:50 - 2018-09-09 12:43 - 000000000 ___RD C:\Users\Usuario\Google Drive ([email protected])
2019-06-17 00:50 - 2017-07-04 19:46 - 000000000 ____D C:\Users\Usuario\AppData\Local\Adobe
2019-06-17 00:49 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-17 00:49 - 2017-10-28 09:02 - 000000000 ___RD C:\Users\Usuario\Google Drive
2019-06-17 00:49 - 2017-07-04 19:18 - 000000000 ____D C:\ProgramData\NVIDIA
2019-06-17 00:48 - 2018-09-11 18:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-17 00:48 - 2018-05-13 13:25 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-17 00:48 - 2018-05-13 13:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-17 00:48 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-06-16 23:31 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-16 23:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-16 23:31 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-06-16 20:13 - 2017-07-07 12:17 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\vlc
2019-06-16 19:54 - 2018-05-13 13:27 - 001768608 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-16 19:54 - 2018-04-12 18:19 - 000786502 _____ C:\WINDOWS\system32\perfh00A.dat
2019-06-16 19:54 - 2018-04-12 18:19 - 000155134 _____ C:\WINDOWS\system32\perfc00A.dat
2019-06-16 14:24 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-16 14:15 - 2018-05-13 13:28 - 000000000 ____D C:\Users\Usuario\AppData\Local\D3DSCache
2019-06-15 19:48 - 2017-07-04 19:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-06-15 15:24 - 2018-05-27 14:29 - 000000000 ____D C:\WINDOWS\pss
2019-06-15 12:43 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-06-15 10:28 - 2018-05-13 13:25 - 000003620 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-06-15 10:28 - 2018-05-13 13:25 - 000003496 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-06-15 09:50 - 2019-01-02 22:02 - 000000000 ____D C:\Users\Usuario\AppData\LocalLow\Mozilla
2019-06-14 21:52 - 2018-05-27 15:45 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2019-06-14 21:08 - 2018-07-20 11:33 - 000000000 ____D C:\Users\Usuario\AppData\Local\CrashDumps
2019-06-14 21:00 - 2018-05-27 12:58 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-06-14 21:00 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-06-14 20:54 - 2019-01-02 22:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-06-14 20:28 - 2019-01-02 22:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-06-13 19:39 - 2018-09-19 19:11 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-06-13 19:39 - 2018-05-27 14:25 - 000002988 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-06-13 19:39 - 2018-05-13 13:25 - 000002808 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-QRROPPGO-Usuario
2019-06-13 19:39 - 2018-05-13 13:25 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2019-06-13 12:42 - 2018-02-28 21:04 - 000534528 _____ (Dirección General de la Policía) C:\Users\Usuario\AppData\Local\DNIeService.exe
2019-06-12 10:54 - 2018-07-24 20:18 - 000000000 ____D C:\Users\Usuario\AppData\Local\Downloaded Installations
2019-06-12 10:02 - 2018-05-13 13:18 - 000523424 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-11 21:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-06-11 21:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-06-11 21:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2019-06-11 21:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-06-11 21:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-11 19:36 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-11 19:32 - 2017-07-04 19:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-11 19:29 - 2017-07-04 19:20 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-10 20:42 - 2018-05-13 13:19 - 000000000 ____D C:\Users\Usuario
2019-06-10 20:27 - 2017-07-04 19:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-06-10 20:16 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2019-06-10 19:36 - 2017-11-04 10:56 - 000000000 ____D C:\Users\Usuario\AppData\Local\Packages
2019-06-09 20:46 - 2019-04-16 21:00 - 000000075 _____ C:\Users\Usuario\AppData\Local\X-Plane_drm_11.prf
2019-06-09 09:08 - 2019-04-26 11:19 - 000001818 _____ C:\Users\Usuario\Desktop\gmail.com.lnk
2019-06-09 09:05 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-06-08 13:42 - 2017-07-05 13:53 - 000000000 ___RD C:\Users\Usuario\Desktop\Seguridad
2019-06-07 20:07 - 2019-04-16 21:48 - 000000037 _____ C:\Users\Usuario\AppData\Local\X-Plane Installer.prf
2019-06-07 19:28 - 2019-03-03 21:42 - 000000424 __RSH C:\ProgramData\ntuser.pol
2019-06-06 19:10 - 2018-05-13 13:25 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2019-06-06 12:56 - 2017-07-05 19:29 - 000167872 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-06-05 19:06 - 2017-07-05 20:37 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-06-03 20:09 - 2018-10-13 10:29 - 000000000 ____D C:\Users\Usuario\Desktop\METALU
2019-06-03 12:58 - 2017-07-05 19:29 - 000225608 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-06-02 10:26 - 2017-07-05 19:55 - 000000000 ____D C:\Program Files\Adobe
2019-05-31 03:57 - 2018-04-12 01:41 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-31 03:57 - 2018-04-12 01:41 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-30 20:02 - 2017-07-05 19:29 - 000385880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-05-27 13:09 - 2019-02-19 19:27 - 000279120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-05-27 13:09 - 2019-01-15 10:41 - 000262496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-05-27 13:09 - 2019-01-07 11:59 - 000205848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-05-27 13:09 - 2019-01-07 11:59 - 000061472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-05-27 13:09 - 2019-01-07 11:59 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-05-27 13:09 - 2018-10-24 09:55 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-05-27 13:09 - 2017-11-18 12:07 - 000207448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-05-27 13:09 - 2017-07-05 19:29 - 001030784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-05-27 13:09 - 2017-07-05 19:29 - 000477584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-05-27 13:09 - 2017-07-05 19:29 - 000112312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-05-27 13:09 - 2017-07-05 19:29 - 000087944 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-05-26 19:46 - 2017-07-05 19:55 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-05-26 19:46 - 2017-07-05 01:13 - 000000000 ____D C:\Users\Usuario\AppData\Roaming\Adobe
2019-05-26 19:45 - 2017-07-04 19:46 - 000000000 ____D C:\ProgramData\Adobe
2019-05-26 13:19 - 2017-07-11 20:08 - 000000000 ___RD C:\Users\Usuario\Desktop\MSI & AOC
2019-05-25 14:12 - 2017-07-04 19:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2019-05-25 14:12 - 2017-07-04 19:26 - 000000000 ____D C:\Program Files (x86)\MSI
2019-05-25 14:12 - 2017-07-04 19:26 - 000000000 ____D C:\MSI
2019-05-25 14:11 - 2019-04-19 10:57 - 000000000 _____ C:\WINDOWS\system32\fpfftResultsFile.txt
2019-05-25 14:11 - 2017-12-01 19:38 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2019-05-25 14:11 - 2017-12-01 19:37 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-05-25 14:11 - 2017-07-04 19:33 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-05-25 14:11 - 2017-07-04 19:33 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-05-25 14:11 - 2017-07-04 19:32 - 000000000 ___HD C:\Program Files (x86)\Temp
2019-05-24 21:21 - 2018-08-27 19:24 - 000003458 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003256 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003212 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003076 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003076 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003076 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003044 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000003016 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000002974 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000002898 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-08-27 19:24 - 000002804 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-05-24 21:21 - 2018-05-13 13:25 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-23 18:47 - 2019-01-04 12:09 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-05-23 13:51 - 2018-07-02 18:52 - 000001406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-05-23 13:51 - 2017-07-04 19:46 - 000000000 ____D C:\Program Files (x86)\Adobe

==================== Files in the root of some directories ================

2019-06-07 19:28 - 2019-06-07 19:28 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-06-07 19:28 - 2019-06-07 19:28 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2019-06-07 19:28 - 2019-06-07 19:28 - 000000000 ___SH () C:\Users\Usuario\AppData\Roaming\6
2019-06-04 20:32 - 2019-06-16 10:44 - 000001899 _____ () C:\Users\Usuario\AppData\Roaming\QRROPPGO.MTBF.txt
2019-06-08 11:32 - 2019-06-08 11:35 - 000002166 _____ () C:\Users\Usuario\AppData\Roaming\XAddonManager.plist
2019-06-04 20:33 - 2019-06-12 20:22 - 000003584 _____ () C:\Users\Usuario\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-02-28 21:04 - 2019-06-13 12:42 - 000534528 _____ (Dirección General de la Policía) C:\Users\Usuario\AppData\Local\DNIeService.exe
2018-09-21 13:30 - 2018-09-21 13:30 - 000000058 _____ () C:\Users\Usuario\AppData\Local\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2018-09-30 19:09 - 2018-09-30 19:09 - 000000000 _____ () C:\Users\Usuario\AppData\Local\oobelibMkey.log
2018-02-24 20:17 - 2018-02-24 20:17 - 000007602 _____ () C:\Users\Usuario\AppData\Local\Resmon.ResmonCfg
2019-04-16 21:26 - 2019-04-16 21:26 - 000000056 _____ () C:\Users\Usuario\AppData\Local\X-Plane 11 Preferences.prf
2019-04-16 21:48 - 2019-06-07 20:07 - 000000037 _____ () C:\Users\Usuario\AppData\Local\X-Plane Installer.prf
2019-04-16 21:00 - 2019-06-09 20:46 - 000000075 _____ () C:\Users\Usuario\AppData\Local\X-Plane_drm_11.prf
2019-04-16 20:59 - 2019-04-16 20:59 - 000000022 _____ () C:\Users\Usuario\AppData\Local\x-plane_install_11.txt

==================== FLock ================

2017-07-05 01:15 C:\WINDOWS\CSC

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by Usuario (17-06-2019 00:52:19)
Running from C:\Users\Usuario\Desktop
Windows 10 Pro Version 1803 17134.829 (X64) (2018-05-13 11:25:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrador (S-1-5-21-1638129444-2534472759-115848258-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1638129444-2534472759-115848258-503 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1638129444-2534472759-115848258-1003 - Limited - Enabled)
Invitado (S-1-5-21-1638129444-2534472759-115848258-501 - Limited - Disabled)
Usuario (S-1-5-21-1638129444-2534472759-115848258-1001 - Administrator - Enabled) => C:\Users\Usuario
WDAGUtilityAccount (S-1-5-21-1638129444-2534472759-115848258-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Actualización de NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20100 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Español (HKLM-x32\...\{AC76BA86-7AD7-1034-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.2.476 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Lightroom Classic (HKLM-x32\...\LTRM_8_3_1) (Version: 8.3.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2019 (HKLM-x32\...\PHSP_20_0_4) (Version: 20.0.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
AIMP (HKLM-x32\...\AIMP) (Version: v4.13.1895, 07.05.2017 - AIMP DevTeam)
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
AnyBurn (HKLM-x32\...\AnyBurn) (Version: 3.6 - Power Software Ltd)
Argente - Registry Cleaner 3.1.2.0 (HKLM\...\Argente - Registry Cleaner_is1) (Version: 3.1.2.0 - Raúl Argente)
Audacity 2.1.3 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.3 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.5.2378 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Backup and Sync from Google (HKLM\...\{6E936AE8-D841-4F3C-BE25-496231AF73D9}) (Version: 3.44.4943.6228 - Google, Inc.)
Blender (HKLM\...\{E29A1273-2E7A-40E7-AA63-428A11D59429}) (Version: 2.79.2 - Blender Foundation)
BufferChm (HKLM-x32\...\{FA0FF682-CC70-4C57-93CD-E276F3E7537E}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
calibre 64bit (HKLM\...\{E7EFBCA5-EAB9-4CDE-9CD1-9179FE97E633}) (Version: 3.37.0 - Kovid Goyal)
Cast60 ESP 3.4.1.000 [DEMO CON CADUCIDAD] (HKLM-x32\...\{C1735999-713D-4987-8C93-CBC0A89CDEE8}_is1) (Version: 3.4.1.000 - hxxp://www.televes.com/)
CCleaner (HKLM\...\CCleaner) (Version: 5.58 - Piriform)
Compresor WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
Copy (HKLM-x32\...\{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cyotek WebCopy version 1.6.0.559 (HKLM-x32\...\{D5FAF1F8-C903-41b2-AC66-2682A02A78CB}_is1) (Version: 1.6.0.559 - Cyotek Ltd)
CYPE Ingenieros iTCalc [iTCalc] (HKLM\...\CYPE Ingenieros iTCalc [iTCalc]) (Version: iTCalc (x64) - CYPE Ingenieros)
Dazzle Video Capture DVC100 X64 Driver 1.07 (HKLM-x32\...\{631D71FD-237F-4D74-B090-88E66FBC5A10}) (Version: 1.07.0000 - Pinnacle)
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
DJ_AIO_NS_LP_DocCD (HKLM-x32\...\{C5C00116-FFD7-465e-8316-6055F320E7E5}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (HKLM-x32\...\{D7CDAC3E-0962-41D6-829D-6AB524120B43}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (HKLM-x32\...\{F2C4B91A-250C-4A68-94EB-9643151F892B}) (Version: 140.0.428.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM-x32\...\{EED759C0-F201-4422-86FA-264075B882ED}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 74.4.115 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.189.1 - Dropbox, Inc.) Hidden
eMule (HKLM-x32\...\eMule) (Version:  - )
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
e-Saver version 3.4.2 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.4.2 - AOC)
F4100 (HKLM-x32\...\{5C3AF724-B144-4AC1-B2CB-FB6D447116F1}) (Version: 140.0.425.000 - Hewlett-Packard) Hidden
F4100_Help (HKLM-x32\...\{A6B90148-02C5-4fd3-8D7A-EF2386835CB9}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
FFmpeg (Windows) for Audacity versión 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GetDiz (HKLM-x32\...\GetDiz) (Version: 4.91 - Outertech)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
GPBaseService2 (HKLM-x32\...\{BB3447F6-9553-4AA9-960E-0DB5310C5779}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
HandBrake 1.1.1 (HKLM-x32\...\HandBrake) (Version: 1.1.1 - )
HDD Regenerator (HKLM-x32\...\{2445981B-A23B-4A0E-AD15-3D391BDAEC3E}) (Version: 1.71.0012 - Abstradrome)
Herramienta de descarga USB/DVD de Windows 7 (HKLM-x32\...\{266F443F-A296-406F-9EE8-DF4A1061C6CE}) (Version: 1.0.30 - Microsoft Corporation)
HP Deskjet All-In-One Software (HKLM\...\{2CB8566A-8EA6-417A-BAB1-1B10A88C79BB}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}) (Version: 140.0.298.000 - Hewlett-Packard) Hidden
i-Menu version 4.3.6 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.6 - AOC)
Intel Extreme Tuning Utility (HKLM-x32\...\{79E98F35-0524-446C-8EF5-4E863C4D87E2}) (Version: 6.2.0.24 - Intel Corporation) Hidden
Intel Extreme Tuning Utility (HKLM-x32\...\{7afa48c7-9901-40fa-8f9b-f0707e2bc5b6}) (Version: 6.2.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1068 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{df682aff-4294-4ad1-aaa7-276931d5781f}) (Version: 1.49.166.0 - Intel Corporation) Hidden
Intel® Software Guard Extensions Platform Software (HKLM-x32\...\ARP_for_prd_SGX_1.9.100.41172) (Version: 1.9.100.41172 - Intel Corporation)
iZotope Ozone 7 Advanced (HKLM-x32\...\iZotope Ozone 7 Advanced 7.00) (Version: 7.00 - iZotope, Inc.)
Karnaugh Map Minimizer 0.4 (HKLM-x32\...\Karnaugh Map Minimizer) (Version: 0.4 - Robert Kovacevic)
K-Lite Codec Pack 13.8.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 13.8.0 - KLCP)
Kutools for Excel (HKLM-x32\...\{E8D22633-7C44-4CAB-9637-D28E69F5B4AC}) (Version: 19.00 - Addin Technology Inc.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes versión 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Metro Exodus (HKLM-x32\...\{F25D08D9-EBE0-4C15-AAD2-50B446E85B17}_is1) (Version:  - 4A Games)
Microsoft Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1_F535B2CF-C9BB-4162-B03A-02D6971F32CC) (Version: 10.0.61355.0 - Microsoft Game Studios)
Microsoft Office Profesional Plus 2016 - es-es (HKLM\...\ProPlusRetail - es-es) (Version: 16.0.11629.20246 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Speech SDK 5.1 (HKLM-x32\...\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}) (Version: 5.1.4324.0 - Microsoft)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
MixMeister Studio Demo 7.4.4 (HKLM-x32\...\mmssetup_is1) (Version:  - MixMeister Technology LLC)
Mozilla Firefox 67.0.2 (x64 es-ES) (HKLM\...\Mozilla Firefox 67.0.2 (x64 es-ES)) (Version: 67.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
Mp3tag v2.89a (HKLM-x32\...\Mp3tag) (Version: 2.89a - Florian Heidenreich)
MSI DPC Latency Tuner (HKLM-x32\...\{1AAC56F3-3F60-47DB-BE6B-088F36ADFDC5}_is1) (Version: 1.0.0.36 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.15 - MSI)
MSI Live Update 6 (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.2.0.57 - MSI)
MSI Mystic Light (HKLM-x32\...\{B798CF0A-F060-4054-9095-52B067C723C6}}_is1) (Version: 1.0.0.46 - MSI)
MSI RAMDisk (HKLM-x32\...\{F29CF050-7278-4CDB-9EF8-2DC6DAA87453}}_is1) (Version: 1.0.0.32 - MSI)
MSI Smart Tool (HKLM-x32\...\{DDCCA038-DAB1-4D09-B85C-848020AA75D6}}_is1) (Version: 1.0.0.40 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.3.0.28 - MSI)
MSI X Boost (HKLM-x32\...\{515143BB-7A11-4D85-B941-D520AAAA099C}_is1) (Version: 1.0.0.46 - MSI)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Nexus Root Toolkit (HKLM-x32\...\Nexus Root Toolkit) (Version: 2.1.9 - WugFresh)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.6.6 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA Controlador de audio HD 1.3.38.16 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.16 - NVIDIA Corporation)
NVIDIA Controlador de gráficos 430.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 430.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.18.0.102 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.102 - NVIDIA Corporation)
NVIDIA Software del sistema PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0C0A-0000-0000000FF1CE}) (Version: 16.0.11629.20246 - Microsoft Corporation) Hidden
Panel de control de NVIDIA 430.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 430.39 - NVIDIA Corporation) Hidden
Paquete de controladores de Windows - SIGMA Elektro GmbH (usbser) Ports  (01/04/2013 5.1.2600.5512) (HKLM\...\0034B8000CA3D41718B37144C5288C040EB74C65) (Version: 01/04/2013 5.1.2600.5512 - SIGMA Elektro GmbH)
Paquete de controladores de Windows - SIGMA Elektro GmbH (usbser) Ports  (01/04/2013 5.1.2600.5512) (HKLM\...\08AE394D2BC5301A3A34A857B6DA63FB7C7B050A) (Version: 01/04/2013 5.1.2600.5512 - SIGMA Elektro GmbH)
Paquete de controladores de Windows - SIGMA Elektro GmbH (usbser) Ports  (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
Pinnacle Studio 18 - Install Manager (HKLM\...\{39B53CC2-EE72-44E6-800D-C61A6465BF1A}) (Version: 18.0.234 - Corel Corporation)
Pinnacle Studio 18 (HKLM\...\{11FB47FB-B341-4FD8-A505-E4C0CC0536C1}) (Version: 18.0.0.234 - Corel Corporation)
Programa Saal Design (HKLM-x32\...\{CB151870-B711-E4E0-EDC2-19D7A047E986}) (Version: 4.1 - Saal Digital Fotoservice GmbH) Hidden
Programa Saal Design (HKLM-x32\...\ProgramaSaalDesign) (Version: 4.1 - Saal Digital Fotoservice GmbH)
PSeInt (HKLM-x32\...\PSeInt) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.25.119.2018 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8668 - Realtek Semiconductor Corp.)
ReNamer (HKLM-x32\...\ReNamer_is1) (Version: 6.7.0.0 - den4b Team)
Scan (HKLM-x32\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.253.000 - Hewlett-Packard) Hidden
Screen+ version Screen+ 1.4.2 (HKLM\...\Screen+_is1) (Version: Screen+ 1.4.2 - AOC)
Sigma Data Center 5.3 (HKLM-x32\...\Sigma Data Center5.3) (Version: 5.3 - Sigma Elektro GmbH)
Sigma Data Center 5.5 (HKLM-x32\...\Sigma Data Center5.5) (Version: 5.5 - Sigma Elektro GmbH)
Sigma Data Center 5.6 (HKLM-x32\...\Sigma Data Center5.6) (Version: 5.6 - Sigma Elektro GmbH)
SmartSound Quicktracks Plugin (HKLM-x32\...\{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc) Hidden
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.7 - SmartSound Software Inc)
Software para dispositivos de chipset Intel® (HKLM-x32\...\{44ded3eb-1686-46a6-9770-fd79096c29f7}) (Version: 10.1.1.45 - Intel(R) Corporation) Hidden
SolutionCenter (HKLM-x32\...\{BC5DD87B-0143-4D14-AAE6-97109614DC6B}) (Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (HKLM-x32\...\{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}) (Version: 140.0.342.000 - Hewlett-Packard) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.2.8352 - TeamViewer)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 1.FFD.2017 - Thrustmaster)
TMPGEnc Video Mastering Works (HKLM-x32\...\TMPGEnc Video Mastering Works) (Version:  - )
Toolbox (HKLM-x32\...\{292F0F52-B62D-4E71-921B-89A682402201}) (Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total War ROME II Emperor Edition MULTi9 - ElAmigos versión 2.2.0.16155 (HKLM-x32\...\{E62FED7C-448C-427A-8B75-B7F5D10B8548}_is1) (Version: 2.2.0.16155 - SEGA)
TrayApp (HKLM-x32\...\{CD31E63D-47FD-491C-8117-CF201D0AFAB5}) (Version: 140.0.297.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Unlocker (HKLM\...\{5993C960-4E90-4A00-A2F3-D0C4020A6992}) (Version: 1.9.2 - ajua Custom Installers)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation)
USB Flash Security Ver.4.1.13 (HKLM-x32\...\KASHU_UsbEnterVer.4.1.13) (Version: Ver.4.1.13 - KASHU SYSTEM DESIGN INC.)
VisiPics V1.31 (HKLM-x32\...\VisiPics_is1) (Version:  - Ozone)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WebReg (HKLM-x32\...\{8EE94FD8-5F52-4463-A340-185D16328158}) (Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 5.70 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Wondershare Filmora(Build 8.0.0) (HKLM\...\Wondershare Filmora_is1) (Version:  - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
X-Plane 11 (HKLM-x32\...\X-Plane 11_is1) (Version:  - )

Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2018-10-13] (Adobe Systems Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
Correo y Calendario -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-31] (Microsoft Corporation) [MS Ad]
Keeper - Password Manager & Secure File Storage -> C:\Program Files\WindowsApps\KeeperSecurityInc.Keeper_14.0.20.0_x64__kejf07qmg0jnm [2019-05-03] (Keeper Security Inc)
March of Empires: War of Lords -> C:\Program Files\WindowsApps\A278AB0D.MarchofEmpires_4.0.1.1_x86__h6adky7gbf63m [2019-05-16] (Gameloft.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-10] (Microsoft Corporation) [MS Ad]
Microsoft News: Noticias destacadas en español -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.30.10924.0_x64__8wekyb3d8bbwe [2019-04-03] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-15] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.11.402.0_x64__8wekyb3d8bbwe [2019-05-24] (Microsoft Studios)
MSN El Tiempo -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2018-06-07] (Thumbmunkeys Ltd) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-11] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1638129444-2534472759-115848258-1001_Classes\CLSID\{E31EA727-12ED-4702-820C-4B6445F28E1A} -> [Dropbox] => E:\Dropbox [2013-07-31 20:44]
CustomCLSID: HKU\S-1-5-21-1638129444-2534472759-115848258-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Inc. -> Adobe Systems)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [   AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-05-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-05-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2019-05-22] (Google LLC -> Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-07-05] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2019-01-27] (Notepad++ -> )
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-05-22] (Google LLC -> Google)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [AIMP] -> {1F77B17B-F531-44DB-ACA4-76ABB5010A28} => C:\Program Files (x86)\AIMP\System\aimp_menu64.dll [2017-07-05] (Artem Izmaylov -> AIMP DevTeam)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2019-05-22] (Google LLC -> Google)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.0.dll [2019-05-07] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-05-27] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-02-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki
Shortcut: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com

ShortcutWithArgument: C:\Users\Usuario\Desktop\eci.safanet.es - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Usuario\Desktop\Francisco Javier - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Usuario\Desktop\fundacionsafa.es - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Usuario\Desktop\qrroppgo - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Add MY Documents.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=plmanjiaoflhcilcfdnjeffklbgejmje
ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Chrome RDP.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 1" --app-id=cbkkbcmdlboombapidmoeolnmdacpkch

==================== Loaded Modules (Whitelisted) ==============

2019-02-01 02:24 - 2019-02-01 02:24 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\es_es\acrotray.esp
2019-06-10 19:42 - 2016-07-21 10:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-06-10 19:42 - 2016-10-08 16:48 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2019-05-25 14:05 - 2005-07-18 13:43 - 000160256 _____ () [File not signed] C:\Program Files (x86)\MSI\Live Update\unrar.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\PIL._imaging.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pyexpat.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pysqlite2._sqlite.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pythoncom27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pywintypes27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\select.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\thumbnails_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\unicodedata.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\usb_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32api.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32com.shell.shell.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32crypt.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32event.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32file.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32gui.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32inet.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pdh.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pipe.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32process.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32profile.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32security.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32ts.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.conditional.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.connectivity.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.device_monitor.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.volumes.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.winwrap.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._controls_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._core_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._gdi_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._html2.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._misc_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\PIL._imaging.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pyexpat.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pysqlite2._sqlite.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pythoncom27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pywintypes27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\select.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\thumbnails_ext.pyd

Cuarto Mensaje

2019-06-17 00:50 - 2019-06-17 00:50 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\unicodedata.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\usb_ext.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32api.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32com.shell.shell.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32crypt.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32event.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32file.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32gui.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32inet.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pdh.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pipe.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32process.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32profile.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32security.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32ts.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.conditional.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.connectivity.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.device_monitor.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.volumes.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.winwrap.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._controls_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._core_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._gdi_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._html2.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._misc_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\PIL._imaging.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pyexpat.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pysqlite2._sqlite.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pythoncom27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pywintypes27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\select.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\thumbnails_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\unicodedata.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\usb_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32api.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32com.shell.shell.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32crypt.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32event.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32file.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32gui.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32inet.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pdh.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pipe.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32process.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32profile.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32security.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32ts.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.conditional.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.connectivity.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.device_monitor.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.volumes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.winwrap.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._controls_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._core_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._gdi_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._html2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._misc_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\PIL._imaging.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pyexpat.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pysqlite2._sqlite.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pythoncom27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pywintypes27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\select.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\thumbnails_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\unicodedata.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\usb_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32api.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32com.shell.shell.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32crypt.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32event.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32file.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32gui.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32inet.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pdh.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pipe.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32process.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32profile.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32security.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32ts.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.conditional.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.connectivity.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.device_monitor.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.volumes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.winwrap.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._controls_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._core_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._gdi_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._html2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._misc_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._windows_.pyd
2012-09-15 00:17 - 2012-09-15 00:17 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpotra08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000954880 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsem08.rsc
2011-04-29 11:34 - 2011-04-29 11:34 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqstp08.rsc
2011-04-29 19:08 - 2011-04-29 19:08 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.rsc
2010-08-06 11:15 - 2010-08-06 11:15 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2010-08-06 11:15 - 2010-08-06 11:15 - 000054784 _____ (Hewlett-Packard) [File not signed] C:\WINDOWS\SYSTEM32\hpzipr12.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\python27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\python27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\python27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\python27.dll
2017-08-10 19:28 - 2014-06-23 09:56 - 001113600 _____ (Robert Simpson, et al.) [File not signed] C:\Program Files (x86)\MSI\RAMDisk\System.Data.SQLite.dll
2018-05-27 11:43 - 2016-10-03 13:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Mystic Light\Lib\SDKDLL.dll
2019-06-10 19:42 - 2016-10-08 16:49 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_net_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_webview_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_net_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_webview_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_net_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_webview_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_net_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_webview_vc90_x64.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
AlternateDataStreams: C:\Users\Public\AppData:CSM [227]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\02772585.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\12FC2A4E.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\02772585.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\12FC2A4E.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-06-10 19:54 - 000000860 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 platform.wondershare.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\iCLS\;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-1638129444-2534472759-115848258-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "Wondershare Helper Compact.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D719974D-66D8-4828-92A6-C639586805B3}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2E68A9DB-96F0-4E5E-BC92-25C72C9F09A5}] => (Allow) C:\Users\Usuario\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1F1B4C60-9410-4642-905B-247C9CF39E51}] => (Allow) LPort=1688
FirewallRules: [TCP Query User{4B6DB649-3380-421B-BA33-802B5120A1C2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxps://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{E442E20A-FEC0-49C6-8C97-9D96ADA6BFA2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxps://www.emule-project.net) [File not signed]
FirewallRules: [{DFD0AAB0-ADDD-464D-B220-874EACC63692}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{52B9C15E-AC41-4476-85EB-72BB6BB49F89}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BE002A39-DC97-4843-920B-94D4F5BABC82}] => (Allow) LPort=5847
FirewallRules: [{7B956E2A-1453-4514-A0FD-32AF2F005DFD}] => (Allow) LPort=5847
FirewallRules: [{F1B6E639-3632-46DD-8783-A298C7B1F7EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DB0D8E14-52E9-472D-8781-F2460C47FA98}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{93A61EF5-A3DA-420B-B5DA-0FB3F7AD0316}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{BCDFEEC9-BE46-41F4-9BDC-8FAD1CBDBEF2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{9D644841-570C-44F0-9F0E-80A022D16AB4}] => (Allow) LPort=19540
FirewallRules: [{FFDB63A0-C977-4C35-908E-B96AEC8B2940}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{53FB7C10-AADB-4155-86C7-F9401EB3789B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{F670A681-73E0-47AA-A341-14A9146BEA64}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4DA2DF06-2B64-425B-BE68-91A3AE97E81C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAE9B818-2583-45F0-839F-CBF8EF28DD7A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E278446E-0081-4A1B-9811-1DA670CD1306}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7F41EFE4-EFB4-4B91-9724-34BFE72CDE29}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E0432FF4-5CB7-49DF-8808-1F26A6852E0C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{ACEC5DDA-4873-41A8-AD53-745C89CF9AF3}] => (Allow) C:\Games\X-Plane 11\X-Plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{1BFCFE80-CC33-46A8-9BAA-2A5DB8330736}] => (Allow) C:\Games\X-Plane 11\X-Plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{32031190-E24D-4BB6-8A4B-C35649193996}] => (Allow) C:\Games\X-Plane 11\X-Plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{5DC5A428-FAAA-41BB-87C8-7572BAF625C4}] => (Allow) C:\Games\X-Plane 11\X-Plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{1ECFA3AA-C399-44F6-80EE-5745E7D36BDD}] => (Allow) LPort=51000
FirewallRules: [TCP Query User{83ED9A63-C2B8-4802-8128-3E3E290804E3}C:\games\x-plane 11\x-plane.exe] => (Allow) C:\games\x-plane 11\x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [UDP Query User{7479EE44-4F70-4FD7-BD64-78D5640EE6F1}C:\games\x-plane 11\x-plane.exe] => (Allow) C:\games\x-plane 11\x-plane.exe (Laminar Research, LLC -> Laminar Research)
FirewallRules: [{5070796B-B6A9-4152-BC0A-0FE1C21710B0}] => (Allow) C:\Televes\iTCalc\iTCalc.exe (CYPE Ingenieros, S.A. -> CYPE Ingenieros S.A.)
FirewallRules: [{52DB9670-0E48-4CA1-87A3-7F2C0CAD23C1}] => (Allow) C:\Televes\iTCalc\iTCalc.exe (CYPE Ingenieros, S.A. -> CYPE Ingenieros S.A.)
FirewallRules: [{80DC788A-9ED3-4634-9266-9A4874DD3092}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{48FADB7A-16FF-4CCD-8EBE-635104D0351B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{6204301D-F6FA-46F0-BAAD-07E165EF41D7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{BFC26926-F956-471E-866A-EDA95A6877C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{AF0F9399-3985-471B-B0A5-85115EC2CD9B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0AFE53F2-AC99-4042-8043-107C70637129}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{1A72186F-0890-465A-A6D8-4FB19644E544}] => (Block) %ProgramFiles%\Wondershare\Filmora\Filmora.exe No File
FirewallRules: [{C1116B81-4027-44FF-985F-DE3F00EEEEA9}] => (Block) %ProgramFiles% (x86)\Common Files\Wondershare\Wondershare Helper Compact\Wondershare Helper Compact.exe No File
FirewallRules: [{2FC35FD1-B8E4-4197-A40C-53ED7D53B194}] => (Allow) E:\Program Files\Pinnacle\Studio 18\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{3A94AE66-8EBD-4239-BA16-03CF8D8E2CB5}] => (Allow) E:\Program Files\Pinnacle\Studio 18\programs\RM.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{EC3D2914-B10F-49E3-8204-068BC67A9D2E}] => (Allow) E:\Program Files\Pinnacle\Studio 18\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{3E1E1504-E35B-40E0-B06E-ACEDE75E0105}] => (Allow) E:\Program Files\Pinnacle\Studio 18\programs\NGStudio.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{8B28A4B4-2D8A-46A9-A796-54C1FFE5A5FD}] => (Allow) E:\Program Files\Pinnacle\Studio 18\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{2D4575F6-FEA7-499E-9E6D-1824534E3E29}] => (Allow) E:\Program Files\Pinnacle\Studio 18\programs\UMI.exe (Corel Corporation -> Pinnacle)
FirewallRules: [{7D2F221E-4E4E-4DDE-BEB6-4F7268897B0E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

16-06-2019 23:49:13 Punto de control programado

==================== Faulty Device Manager Devices =============

Name: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Description: Dispositivo USB desconocido (Error de solicitud de descriptor de dispositivo)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Controladora de host USB estándar)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: Teclado PS/2 estándar
Description: Teclado PS/2 estándar
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Teclados estándar)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Mouse PS/2 de Microsoft
Description: Mouse PS/2 de Microsoft
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2019 12:49:40 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/17/2019 12:49:29 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (06/16/2019 07:45:38 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

Error: (06/16/2019 07:45:36 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Error de la activación de licencia (slui.exe) con el siguiente código:
hr=0xC004F074
Argumentos de línea de comandos:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=2de67392-b7a7-462a-b1ca-108dd189f588;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (06/16/2019 07:45:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Audacity\audacity.exe". Error en el archivo de manifiesto o directiva "" en la línea .
Una versión de componente requerida por la aplicación está en conflicto con la versión de otro componente activo.
Los componentes en conflicto son:.
Componente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_fb46a5473061b9d5.manifest.
Componente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.17134.829_none_42f3dc1e44dde2db.manifest.

Error: (06/16/2019 02:17:39 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Producto: Adobe Acrobat DC - la actualización "Adobe Acrobat DC
 (19.012.20035)" no se pudo instalar. Código de error 1603. Windows Installer no puede crear registros para ayudar a solucionar problemas de instalación de paquetes de software. Use el vínculo siguiente para obtener instrucciones sobre la activación de la compatibilidad de registro: http://go.microsoft.com/fwlink/?LinkId=23127

Error: (06/16/2019 02:17:35 PM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Producto: Adobe Acrobat DC -- Error 2718. Missing package name for product code '{AC76BA86-1033-FFFF-7760-0C0F074E4100}'.

Error: (06/16/2019 02:16:21 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Error al generar el contexto de activación para "C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest". Error en el archivo de manifiesto o directiva "C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL" en la línea 1.
La identidad de componente encontrada en el manifiesto no coincide con la del componente solicitado.
La referencia es UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
La definición es UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Use sxstrace.exe para obtener un diagnóstico detallado.


System errors:
=============
Error: (06/16/2019 09:58:38 PM) (Source: DCOM) (EventID: 10016) (User: QRROPPGO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario QRROPPGO\Usuario con SID (S-1-5-21-1638129444-2534472759-115848258-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 07:45:46 PM) (Source: DCOM) (EventID: 10016) (User: QRROPPGO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario QRROPPGO\Usuario con SID (S-1-5-21-1638129444-2534472759-115848258-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 07:45:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\Servicio de red con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 02:17:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario NT AUTHORITY\Servicio de red con SID (S-1-5-20) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 02:07:59 PM) (Source: DCOM) (EventID: 10016) (User: QRROPPGO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 y APPID 
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
 al usuario QRROPPGO\Usuario con SID (S-1-5-21-1638129444-2534472759-115848258-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 02:05:15 PM) (Source: DCOM) (EventID: 10016) (User: QRROPPGO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario QRROPPGO\Usuario con SID (S-1-5-21-1638129444-2534472759-115848258-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 02:05:15 PM) (Source: DCOM) (EventID: 10016) (User: QRROPPGO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario QRROPPGO\Usuario con SID (S-1-5-21-1638129444-2534472759-115848258-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.

Error: (06/16/2019 02:05:14 PM) (Source: DCOM) (EventID: 10016) (User: QRROPPGO)
Description: La configuración de permisos específico de la aplicación no concede el permiso Activación Local para la aplicación de servidor COM con CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 y APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 al usuario QRROPPGO\Usuario con SID (S-1-5-21-1638129444-2534472759-115848258-1001) en la dirección LocalHost (con LRPC) que se ejecuta en el contenedor de aplicaciones con SID No disponible (No disponible). Este permiso de seguridad se puede modificar mediante la herramienta administrativa Servicios de componentes.


Windows Defender:
===================================
Date: 2019-04-07 14:10:01.329
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_E:\Mis programas\Edicion\Texto\Office\Office 2013\Microsoft_Toolkit_v2.5_beta4\Microsoft Toolkit.exe; file:_E:\Mis programas\Edicion\Texto\Office\Office 2013\Microsoft_Toolkit_v2.5_beta4\Microsoft Toolkit.exe->[SAResource]->[MSILRES:?.?.resources]
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.273.1626.0, AS: 1.273.1626.0, NIS: 1.273.1626.0
Versión de motor: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2019-04-07 14:10:01.328
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\Portable\KMSpico Portable\AutoPico.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.273.1626.0, AS: 1.273.1626.0, NIS: 1.273.1626.0
Versión de motor: AM: 1.1.15100.1, NIS: 1.1.15100.1

Date: 2018-08-16 10:09:04.803
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:Win32/AutoKMS&threatid=2147685180&enterprise=0
Nombre: HackTool:Win32/AutoKMS
Id.: 2147685180
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: containerfile:_E:\Mis programas\Edicion\Texto\Office\Office 2013\Microsoft_Toolkit_v2.5_beta4\Microsoft Toolkit.exe;file:_E:\Mis programas\Edicion\Texto\Office\Office 2013\Microsoft_Toolkit_v2.5_beta4\Microsoft Toolkit.exe->[SAResource]->[MSILRES:?.?.resources];file:_E:\Mis programas\Edicion\Texto\Office\Office 2016\Activadores\KMSAuto Net 2015 v1.3.9 Portable\KMSAuto Net.exe;file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\KMSpico Install\KMSpico_setup.exe;file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\KMSpico Install\UnInstall_Service.cmd;file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\Portable\KMSpico Portable\Auto (Run as Admin).cmd;file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\Portable\KMSpico Portable\cert\installAll.cmd
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.269.149.0, AS: 1.269.149.0, NIS: 1.269.149.0
Versión de motor: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-08-16 10:09:04.802
Description: 
Antivirus de Windows Defender detectó malware u otro software potencialmente no deseado.
Para obtener más información consulte lo siguiente:
https://go.microsoft.com/fwlink/?linkid=37020&name=HackTool:MSIL/AutoKMS&threatid=2147711767&enterprise=0
Nombre: HackTool:MSIL/AutoKMS
Id.: 2147711767
Gravedad: Alta
Categoría: Herramienta
Ruta de acceso: file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\Portable\KMSpico Portable\AutoPico.exe;file:_E:\Mis programas\Sistema\Hack\KMSpico V. 10.1.8 - Windows 7-10, Office 2010-2016 Final\Portable\KMSpico Portable\KMSELDI.exe
Origen de detección: Equipo local
Tipo de detección: Concreto
Fuente de detección: Sistema
Usuario: NT AUTHORITY\SYSTEM
Nombre de proceso: Unknown
Versión de firma: AV: 1.269.149.0, AS: 1.269.149.0, NIS: 1.269.149.0
Versión de motor: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-05-27 15:48:17.200
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-05-27 15:44:57.186
Description: 
La característica Protección en tiempo real de Antivirus de Windows Defender encontró un error:
Característica: Durante el acceso
Código de error: 0x8007043c
Descripción del error: El servicio no puede iniciarse en modo a prueba de errores 
Motivo: La protección antimalware dejó de funcionar por motivos desconocidos. En algunos casos, reiniciar el servicio puede que resuelva el problema.

Date: 2018-05-27 15:38:12.795
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.269.148.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14901.4
Código de error: 0x84990419
Descripción del error: 

Date: 2018-05-27 15:38:12.795
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.269.148.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiSpyware
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14901.4
Código de error: 0x84990419
Descripción del error: 

Date: 2018-05-27 15:38:12.795
Description: 
Antivirus de Windows Defender encontró un error al intentar actualizar las firmas.
Nueva versión de firma: 
Versión de firma anterior: 1.269.148.0
Origen de actualización: Centro de protección contra malware de Microsoft
Tipo de firma: AntiVirus
Tipo de actualización: Completa
Usuario: NT AUTHORITY\Servicio de red
Versión de motor actual: 
Versión de motor anterior: 1.1.14901.4
Código de error: 0x84990419
Descripción del error: 

CodeIntegrity:
===================================

Date: 2019-06-16 23:24:21.977
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:24:20.876
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:24:18.790
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:24:00.017
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:23:59.274
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:23:17.492
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:23:17.149
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2019-06-16 23:22:46.517
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume6\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info =========================== 

BIOS: American Megatrends Inc. A.30 04/06/2017
Motherboard: MSI B250M PRO-VDH (MS-7A70)
Processor: Intel(R) Core(TM) i5-7400 CPU @ 3.00GHz
Percentage of memory in use: 56%
Total physical RAM: 8156.97 MB
Available physical RAM: 3557.53 MB
Total Virtual: 21468.97 MB
Available Virtual: 15411.22 MB

==================== Drives ================================

Drive b: (RAMDisk) (Fixed) (Total:0.25 GB) (Free:0.25 GB) FAT
Drive c: () (Fixed) (Total:237.92 GB) (Free:6.18 GB) NTFS
Drive e: (DatosPC) (Fixed) (Total:931.5 GB) (Free:319.12 GB) NTFS
Drive f: (MediaPC) (Fixed) (Total:1863.01 GB) (Free:128.65 GB) NTFS
Drive g: (TOSHIBA) (Fixed) (Total:1863.01 GB) (Free:1455.8 GB) NTFS

\\?\Volume{6137ca48-3b44-4ceb-95f5-96248cc6fa89}\ (Recuperación) (Fixed) (Total:0.44 GB) (Free:0.05 GB) NTFS
\\?\Volume{93c22382-7b73-4f0c-a476-df960d948af1}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 565CA1DB)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: DEDB7C0D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0F Extended)

========================================================
Disk: 2 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: C1395BB2)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

Muchas gracias y un saludo.

Hola

Ya puedes perdonar el retraso en responderte

MUY Importante Realiza una copia de seguridad del registro :

• Para hacerlo descarga DelFix.exe( en tu escritorio).

• Doble clic para ejecutarlo.(Si usas Windows Vista/7/8 o 10 presiona clic derecho y selecciona -Ejecutar como Administrador-).

• Atención, ahora marca/selecciona únicamente la casilla "Create registry backup", las demás NO.

• Pulsar en Run.

Se abrirá el informe (DelFix.txt), guárdalo por si fuera necesario y cierra la herramienta.

A continuación inicia tu equipo desde el Modo Seguro de Windows sin función de red

Con los demás programas cerrados ve a Inicio Ejecutar y escribe Notepad.exe.

• Ahora debes copiar y pegar los códigos/líneas que están en el interior del recuadro de más abajo, dentro del Notepad.

START
CREATERESTOREPOINT:
CLOSEPROCESSES:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll
HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]
BootExecute: autocheck autochk * sh4native 7099
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {995D7996-82DD-4A14-9EEE-37FA4CD9F6D1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-01-31] () [File not signed]
Task: {9E76E6FE-2619-4AC4-BFDD-EE2396DD753D} - System32\Tasks\Sk1948Pl => C:\Users\Usuario\AppData\Local\prunld8080\he9025.exe
Tcpip\..\Interfaces\{e83b853e-fad1-4836-ade7-a9884d87d166}: [NameServer] 8.8.8.8,8.8.4.4,95.216.188.196,116.203.6.218,8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-15]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]
CHR Extension: (Add MY Documents) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\plmanjiaoflhcilcfdnjeffklbgejmje [2019-06-16]
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]
S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]
2019-06-15 12:19 - 2019-06-15 14:04 - 000000000 ___HD C:\PanQkqyWevuqOJ0b
2019-06-07 19:28 - 2019-06-13 19:39 - 000002610 _____ C:\WINDOWS\System32\Tasks\Sk1948Pl
2019-06-07 19:28 - 2019-06-07 19:28 - 000000000 ____D C:\ProgramData\V5OK2JEQHXJWXH4BXOG48UCXO
2019-06-14 21:52 - 2018-05-27 15:45 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Add MY Documents.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=plmanjiaoflhcilcfdnjeffklbgejmje
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\PIL._imaging.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pyexpat.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pysqlite2._sqlite.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pythoncom27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pywintypes27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\select.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\thumbnails_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\unicodedata.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\usb_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32api.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32com.shell.shell.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32crypt.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32event.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32file.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32gui.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32inet.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pdh.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pipe.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32process.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32profile.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32security.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32ts.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.conditional.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.connectivity.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.device_monitor.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.volumes.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.winwrap.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._controls_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._core_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._gdi_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._html2.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._misc_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\PIL._imaging.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pyexpat.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pysqlite2._sqlite.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pythoncom27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pywintypes27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\select.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\thumbnails_ext.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\unicodedata.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\usb_ext.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32api.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32com.shell.shell.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32crypt.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32event.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32file.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32gui.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32inet.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pdh.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pipe.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32process.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32profile.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32security.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32ts.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.conditional.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.connectivity.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.device_monitor.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.volumes.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.winwrap.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._controls_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._core_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._gdi_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._html2.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._misc_.pyd
2019-06-17 00:50 - 2019-06-17 00:50 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\PIL._imaging.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pyexpat.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pysqlite2._sqlite.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pythoncom27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pywintypes27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\select.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\thumbnails_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\unicodedata.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\usb_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32api.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32com.shell.shell.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32crypt.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32event.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32file.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32gui.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32inet.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pdh.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pipe.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32process.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32profile.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32security.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32ts.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.conditional.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.connectivity.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.device_monitor.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.volumes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.winwrap.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._controls_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._core_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._gdi_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._html2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._misc_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ctypes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_elementtree.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_hashlib.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_multiprocessing.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_psutil_windows.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_socket.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ssl.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_yappi.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\bz2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\cello.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\common.time34.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\hashobjs_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\PIL._imaging.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pyexpat.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pysqlite2._sqlite.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pythoncom27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pywintypes27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\select.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\thumbnails_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\unicodedata.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\usb_ext.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32api.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32com.shell.shell.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32crypt.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32event.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32file.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32gui.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32inet.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pdh.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pipe.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32process.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32profile.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32security.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32ts.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.conditional.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.connectivity.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.device_monitor.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.volumes.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.winwrap.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._controls_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._core_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._gdi_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._html2.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._misc_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._windows_.pyd
2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\python27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\python27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\python27.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\python27.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_net_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_webview_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_net_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:50 - 2019-06-17 00:50 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_webview_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_net_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_webview_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_net_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_adv_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_core_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_html_vc90_x64.dll
2019-06-17 00:49 - 2019-06-17 00:49 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_webview_vc90_x64.dll
AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]
AlternateDataStreams: C:\Users\Public\AppData:CSM [227]
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]
FirewallRules: [TCP Query User{4B6DB649-3380-421B-BA33-802B5120A1C2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxps://www.emule-project.net) [File not signed]
FirewallRules: [UDP Query User{E442E20A-FEC0-49C6-8C97-9D96ADA6BFA2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxps://www.emule-project.net) [File not signed]
FirewallRules: [{1A72186F-0890-465A-A6D8-4FB19644E544}] => (Block) %ProgramFiles%\Wondershare\Filmora\Filmora.exe No File
FirewallRules: [{C1116B81-4027-44FF-985F-DE3F00EEEEA9}] => (Block) %ProgramFiles% (x86)\Common Files\Wondershare\Wondershare Helper Compact\Wondershare Helper Compact.exe No File

HOSTS:
REMOVEPROXY:
EMPTYTEMP:
CMD: netsh winsock reset
CMD: ipconfig /renew
CMD: ipconfig /flushdns
CMD: bitsadmin /reset /allusers
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
END

Guárdalo bajo el nombre de FIXLIST.TXT en el escritorio Esto es muy importante.

Nota Es importante que la herramienta FRST.exe (Farbar Recovery Scanner Tool) y FIXLIST.TXT se encuentren en la misma ubicación (escritorio) o si no, no trabajara.

• Ejecuta FRST.exe.(Si usas Windows Vista/7/8 o 10, presiona clic derecho y seleccionas -Ejecutar como Administrador-).
• Presionar el botón FIX y aguardar a que termine.
• La Herramienta guardara el reporte de reparación en el escritorio (FIXLOG.TXT).

Pega el contenido de este fichero en tu próxima respuesta.

Reiniciar el equipo y comprobar su funcionamiento en relación al problema planteado y comentarlo.

Un saludo

Hola Daniela.

He seguido los paso que me has indicado y lamento decir que el sigo teniendo el mismo problema.

Adjunto informe de DelFix.exe:

# DelFix v1.013 - Logfile created 20/06/2019 at 11:32:22
# Updated 17/04/2016 by Xplode
# Username : Usuario - QRROPPGO
# Operating System : Windows 10 Enterprise  (64 bits)

~ Creating registry backup ... OK

########## - EOF - ##########

Adjunto también informe generado por FRST.exe. Lo he tenido que dividir en dos mensajes:

Primer Mensaje:

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-06-2019
Ran by Usuario (20-06-2019 11:46:11) Run:2
Running from C:\Users\Usuario\Desktop
Loaded Profiles: Usuario (Available Profiles: Usuario)
Boot Mode: Safe Mode (minimal)
==============================================

fixlist content:
*****************
START

CREATERESTOREPOINT:

CLOSEPROCESSES:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION

HKLM\...\Drivers32: [vidc.mjpg] => pvmjpgx40.dll

HKLM\...\Drivers32: [VIDC.FMVC] => C:\Windows\SysWOW64\fmcodec.dll [77824 2008-08-18] (Fox Magic Software) [File not signed]

BootExecute: autocheck autochk * sh4native 7099

GroupPolicy: Restriction ? <==== ATTENTION

GroupPolicy\User: Restriction ? <==== ATTENTION

FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

Task: {995D7996-82DD-4A14-9EEE-37FA4CD9F6D1} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1179648 2018-01-31] () [File not signed]

Task: {9E76E6FE-2619-4AC4-BFDD-EE2396DD753D} - System32\Tasks\Sk1948Pl => C:\Users\Usuario\AppData\Local\prunld8080\he9025.exe

Tcpip\..\Interfaces\{e83b853e-fad1-4836-ade7-a9884d87d166}: [NameServer] 8.8.8.8,8.8.4.4,95.216.188.196,116.203.6.218,8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1

Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-02-17] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]

FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]

CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-15]

CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]

CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]

CHR Extension: (Add MY Documents) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\plmanjiaoflhcilcfdnjeffklbgejmje [2019-06-16]

CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16]

S1 amsdk; \??\C:\WINDOWS\system32\drivers\amsdk.sys [X]

2019-06-15 12:19 - 2019-06-15 14:04 - 000000000 ___HD C:\PanQkqyWevuqOJ0b

2019-06-07 19:28 - 2019-06-13 19:39 - 000002610 _____ C:\WINDOWS\System32\Tasks\Sk1948Pl

2019-06-07 19:28 - 2019-06-07 19:28 - 000000000 ____D C:\ProgramData\V5OK2JEQHXJWXH4BXOG48UCXO

2019-06-14 21:52 - 2018-05-27 15:45 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)

ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File

ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File

ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File

ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File

ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File

ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File

ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File

ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]

ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]

ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File

ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File

ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2018-07-12] (Florian Heidenreich) [File not signed]

ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File

ContextMenuHandlers1_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

ContextMenuHandlers4_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

ContextMenuHandlers5_.DEFAULT: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File

ShortcutWithArgument: C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Add MY Documents.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory="Profile 2" --app-id=plmanjiaoflhcilcfdnjeffklbgejmje

2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ctypes.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_elementtree.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_hashlib.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_multiprocessing.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_psutil_windows.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_socket.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ssl.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_yappi.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\bz2.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\cello.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\common.time34.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\hashobjs_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\PIL._imaging.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pyexpat.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pysqlite2._sqlite.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pythoncom27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pywintypes27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\select.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\thumbnails_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\unicodedata.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\usb_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32api.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32com.shell.shell.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32crypt.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32event.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32file.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32gui.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32inet.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pdh.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pipe.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32process.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32profile.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32security.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32ts.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.conditional.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.connectivity.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.device_monitor.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.volumes.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.winwrap.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._controls_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._core_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._gdi_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._html2.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._misc_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._windows_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ctypes.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_elementtree.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_hashlib.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_multiprocessing.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_psutil_windows.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_socket.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ssl.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_yappi.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\bz2.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\cello.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\common.time34.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\hashobjs_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\PIL._imaging.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pyexpat.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pysqlite2._sqlite.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pythoncom27.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pywintypes27.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\select.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\thumbnails_ext.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\unicodedata.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\usb_ext.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32api.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32com.shell.shell.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32crypt.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32event.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32file.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32gui.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32inet.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pdh.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pipe.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32process.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32profile.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32security.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32ts.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.conditional.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.connectivity.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.device_monitor.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.volumes.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.winwrap.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._controls_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._core_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._gdi_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._html2.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._misc_.pyd

2019-06-17 00:50 - 2019-06-17 00:50 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._windows_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ctypes.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_elementtree.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_hashlib.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_multiprocessing.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_psutil_windows.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_socket.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ssl.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_yappi.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\bz2.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\cello.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\common.time34.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\hashobjs_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\PIL._imaging.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pyexpat.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pysqlite2._sqlite.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pythoncom27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pywintypes27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\select.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\thumbnails_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\unicodedata.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\usb_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32api.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32com.shell.shell.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32crypt.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32event.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32file.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32gui.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32inet.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pdh.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pipe.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32process.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32profile.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32security.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32ts.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.conditional.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.connectivity.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.device_monitor.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.volumes.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.winwrap.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._controls_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._core_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._gdi_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._html2.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._misc_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._windows_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000113664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ctypes.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000173568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_elementtree.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001800192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_hashlib.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000032256 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_multiprocessing.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000046080 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_psutil_windows.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000047616 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_socket.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 002230784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ssl.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000026112 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_yappi.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000080896 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\bz2.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 006277632 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\cello.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000014848 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\common.time34.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000007680 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\hashobjs_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000301568 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\PIL._imaging.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000169472 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pyexpat.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001084416 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pysqlite2._sqlite.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000548864 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pythoncom27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000137728 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pywintypes27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000010752 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\select.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\thumbnails_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000689664 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\unicodedata.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000118784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\usb_ext.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000128512 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32api.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000438784 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32com.shell.shell.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000011776 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32crypt.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000023040 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32event.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000149504 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32file.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000223232 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32gui.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000048128 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32inet.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000029696 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pdh.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000027648 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pipe.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000044032 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32process.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32profile.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000136192 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32security.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000026624 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32ts.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000034304 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.conditional.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000038400 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.connectivity.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000073216 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.device_monitor.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000110592 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.volumes.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000020480 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.winwrap.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001325056 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._controls_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001489408 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._core_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001007104 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._gdi_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000103424 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._html2.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 000916992 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._misc_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 001039872 _____ () [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._windows_.pyd

2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\python27.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\python27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\python27.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 003042304 _____ (Python Software Foundation) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\python27.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_net_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_adv_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_core_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_html_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_webview_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_net_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_adv_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_core_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_html_vc90_x64.dll

2019-06-17 00:50 - 2019-06-17 00:50 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_webview_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_net_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_adv_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_core_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_html_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_webview_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000202240 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_net_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 002831872 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 001654784 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_adv_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 006542336 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_core_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000773632 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_html_vc90_x64.dll

2019-06-17 00:49 - 2019-06-17 00:49 - 000137216 _____ (wxWidgets development team) [File not signed] C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_webview_vc90_x64.dll

AlternateDataStreams: C:\Windows:nlsPreferences [386]

AlternateDataStreams: C:\ProgramData\TEMP:1AAB2E68 [183]

AlternateDataStreams: C:\Users\Public\AppData:CSM [227]

AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [480]

FirewallRules: [TCP Query User{4B6DB649-3380-421B-BA33-802B5120A1C2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxps://www.emule-project.net) [File not signed]

FirewallRules: [UDP Query User{E442E20A-FEC0-49C6-8C97-9D96ADA6BFA2}C:\program files (x86)\emule\emule.exe] => (Allow) C:\program files (x86)\emule\emule.exe (hxxps://www.emule-project.net) [File not signed]

FirewallRules: [{1A72186F-0890-465A-A6D8-4FB19644E544}] => (Block) %ProgramFiles%\Wondershare\Filmora\Filmora.exe No File

FirewallRules: [{C1116B81-4027-44FF-985F-DE3F00EEEEA9}] => (Block) %ProgramFiles% (x86)\Common Files\Wondershare\Wondershare Helper Compact\Wondershare Helper Compact.exe No File

Segundo Mensaje:

HOSTS:

REMOVEPROXY:

EMPTYTEMP:

CMD: netsh winsock reset

CMD: ipconfig /renew

CMD: ipconfig /flushdns

CMD: bitsadmin /reset /allusers

CMD: netsh advfirewall reset

CMD: netsh advfirewall set allprofiles state ON

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

END
*****************

Error: Restore point can only be created in normal mode.
Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\vidc.mjpg" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32\\VIDC.FMVC" => not found
HKLM\System\CurrentControlSet\Control\Session Manager\\BootExecute => value restored successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" => not found
"C:\WINDOWS\system32\GroupPolicy\User" => not found
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{995D7996-82DD-4A14-9EEE-37FA4CD9F6D1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{995D7996-82DD-4A14-9EEE-37FA4CD9F6D1}" => removed successfully
"C:\WINDOWS\System32\Tasks\klcp_update" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\klcp_update" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9E76E6FE-2619-4AC4-BFDD-EE2396DD753D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E76E6FE-2619-4AC4-BFDD-EE2396DD753D}" => removed successfully
"C:\WINDOWS\System32\Tasks\Sk1948Pl" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Sk1948Pl" => removed successfully
"HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{e83b853e-fad1-4836-ade7-a9884d87d166}\\NameServer" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
HKLM\Software\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93}" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf => removed successfully
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-15] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16] => Error: No automatic fix found for this entry.
CHR Extension: (Add MY Documents) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\plmanjiaoflhcilcfdnjeffklbgejmje [2019-06-16] => Error: No automatic fix found for this entry.
CHR Extension: (Chrome Media Router) - C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-16] => Error: No automatic fix found for this entry.
HKLM\System\CurrentControlSet\Services\amsdk => removed successfully
amsdk => service removed successfully
"C:\PanQkqyWevuqOJ0b" => not found
"C:\WINDOWS\System32\Tasks\Sk1948Pl" => not found
"C:\ProgramData\V5OK2JEQHXJWXH4BXOG48UCXO" => not found
"C:\ProgramData\Malwarebytes' Anti-Malware (portable)" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Pending) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{056D528D-CE28-4194-9BA3-BA2E9197FF8C} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Synced) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{05B38830-F4E9-4329-978B-1DD28605D202} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ MEGA (Syncing) => invalid subkey removed.
HKLM\Software\Wow6432Node\Classes\CLSID\{0596C850-7BDD-4C9D-AFDF-873BE6890637} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Mp3tagShell => removed successfully
HKLM\Software\Classes\CLSID\{6351E20C-35FA-4BE3-98FB-4CABF1363E12} => removed successfully
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Mp3tagShell => removed successfully
HKLM\Software\Classes\CLSID\{6351E20C-35FA-4BE3-98FB-4CABF1363E12} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Mp3tagShell => removed successfully
HKLM\Software\Classes\CLSID\{6351E20C-35FA-4BE3-98FB-4CABF1363E12} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKU\\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => not found
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
C:\Users\Usuario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplicaciones de Chrome\Add MY Documents.lnk => Shortcut argument removed successfully
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ctypes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_elementtree.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_hashlib.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_multiprocessing.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_psutil_windows.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_socket.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_ssl.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\_yappi.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\bz2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\cello.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\common.time34.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\hashobjs_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\PIL._imaging.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pyexpat.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pysqlite2._sqlite.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pythoncom27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\pywintypes27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\select.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\thumbnails_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\unicodedata.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\usb_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32api.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32com.shell.shell.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32crypt.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32event.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32file.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32gui.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32inet.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pdh.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32pipe.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32process.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32profile.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32security.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\win32ts.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.conditional.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.connectivity.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.device_monitor.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.volumes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\windows.winwrap.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._controls_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._core_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._gdi_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._html2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._misc_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wx._windows_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ctypes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_elementtree.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_hashlib.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_multiprocessing.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_psutil_windows.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_socket.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_ssl.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\_yappi.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\bz2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\cello.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\common.time34.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\hashobjs_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\PIL._imaging.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pyexpat.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pysqlite2._sqlite.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pythoncom27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\pywintypes27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\select.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\thumbnails_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\unicodedata.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\usb_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32api.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32com.shell.shell.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32crypt.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32event.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32file.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32gui.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32inet.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pdh.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32pipe.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32process.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32profile.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32security.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\win32ts.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.conditional.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.connectivity.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.device_monitor.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.volumes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\windows.winwrap.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._controls_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._core_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._gdi_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._html2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._misc_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wx._windows_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ctypes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_elementtree.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_hashlib.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_multiprocessing.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_psutil_windows.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_socket.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_ssl.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\_yappi.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\bz2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\cello.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\common.time34.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\hashobjs_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\PIL._imaging.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pyexpat.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pysqlite2._sqlite.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pythoncom27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\pywintypes27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\select.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\thumbnails_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\unicodedata.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\usb_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32api.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32com.shell.shell.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32crypt.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32event.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32file.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32gui.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32inet.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pdh.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32pipe.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32process.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32profile.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32security.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\win32ts.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.conditional.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.connectivity.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.device_monitor.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.volumes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\windows.winwrap.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._controls_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._core_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._gdi_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._html2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._misc_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wx._windows_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ctypes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_elementtree.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_hashlib.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_multiprocessing.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_psutil_windows.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_socket.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_ssl.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\_yappi.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\bz2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\cello.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\common.time34.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\hashobjs_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\PIL._imaging.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pyexpat.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pysqlite2._sqlite.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pythoncom27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\pywintypes27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\select.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\thumbnails_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\unicodedata.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\usb_ext.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32api.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32com.shell.shell.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32crypt.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32event.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32file.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32gui.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32inet.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pdh.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32pipe.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32process.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32profile.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32security.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\win32ts.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.conditional.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.connectivity.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.device_monitor.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.volumes.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\windows.winwrap.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._controls_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._core_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._gdi_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._html2.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._misc_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wx._windows_.pyd" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\python27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\python27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\python27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\python27.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxbase30u_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI123882\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxbase30u_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI124202\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxbase30u_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI29962\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_net_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxbase30u_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_adv_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_core_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_html_vc90_x64.dll" => not found
"C:\Users\Usuario\AppData\Local\Temp\_MEI32522\wxmsw30u_webview_vc90_x64.dll" => not found
"C:\Windows" => ":nlsPreferences" ADS not found.
"C:\ProgramData\TEMP" => ":1AAB2E68" ADS not found.
"C:\Users\Public\AppData" => ":CSM" ADS not found.
"C:\Users\Public\Shared Files" => ":VersionCache" ADS not found.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{4B6DB649-3380-421B-BA33-802B5120A1C2}C:\program files (x86)\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E442E20A-FEC0-49C6-8C97-9D96ADA6BFA2}C:\program files (x86)\emule\emule.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1A72186F-0890-465A-A6D8-4FB19644E544}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C1116B81-4027-44FF-985F-DE3F00EEEEA9}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

========= RemoveProxy: =========

"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully
"HKU\S-1-5-21-1638129444-2534472759-115848258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings" => removed successfully
"HKU\S-1-5-21-1638129444-2534472759-115848258-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings" => removed successfully


========= End of RemoveProxy: =========


========= netsh winsock reset =========


El cat logo Winsock se restableci¢ correctamente.
Debe reiniciar el equipo para completar el restablecimiento.


========= End of CMD: =========


========= ipconfig /renew =========


Configuraci¢n IP de Windows


========= End of CMD: =========


========= ipconfig /flushdns =========


Configuraci¢n IP de Windows

No se puede vaciar la cach‚ de resoluci¢n de DNS: Error de una funci¢n durante la ejecuci¢n.


========= End of CMD: =========


========= bitsadmin /reset /allusers =========


BITSADMIN version 3.0
BITS administration utility.
(C) Copyright Microsoft Corp.

Unable to connect to BITS - 0x8007043c
El servicio no puede iniciarse en modo a prueba de errores



========= End of CMD: =========


========= netsh advfirewall reset =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh advfirewall set allprofiles state ON =========


Error al intentar ponerse en contacto con el servicio Firewall de Windows Defender. Aseg£rate de que el servicio se est  ejecutando e intenta la solicitud de nuevo.


========= End of CMD: =========


========= netsh int ipv4 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


========= netsh int ipv6 reset =========

No hay valores configurados por el usuario para restablecer.


========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10650409 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 30825 B
Edge => 0 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1822 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Usuario => 1399195847 B

RecycleBin => 31572 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:48:41 ====

Gracias por tu atención y por tu tiempo.

Saludos.

Hola

Vamos a ver si quedan infecciones, realiza un analisis con EsetOnline, sigue su manual

Trae el reporte y comenta como sigue el problema.

Un saludo

Hola Daniela.

He realizado el análisis con EsetOnline, y el reporte es el siguiente:

22/06/2019 12:32:19
Archivos explorados: 509668
Archivos infectados: 10
Amenazas eliminadas: 10
Tiempo total de exploración 01:59:23
Estado de la exploración: Finalizado


C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\amtlib.dll	Win32/HackTool.Crack.FE aplicación potencialmente no segura	desinfectado por eliminación
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\painter.ini	Win32/HackTool.Crack.EM aplicación potencialmente no segura	desinfectado por eliminación
C:\ProgramData\FlashSys\trz8AA9.tmp	una variante de Win64/Packed.VMProtect.CH troyano	desinfectado por eliminación
C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Default\Cache\f_000006	JS/ScrInject.B troyano	desinfectado por eliminación
C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 1\Cache\f_00012d	una variante de Win32/UltraReach.AG aplicación potencialmente no segura	eliminado
C:\Users\Usuario\AppData\Local\Google\Chrome\User Data\Profile 3\Cache\f_000024	JS/ScrInject.B troyano	desinfectado por eliminación
C:\Users\Usuario\AppData\Roaming\uTorrent\updates\3.5.0_43916.exe	Win32/OpenCandy.J aplicación potencialmente no segura	eliminado
C:\Users\Usuario\AppData\Roaming\ZHP\Quarantine\ZHPCleaner\Help.dll	una variante de Win32/Spy.Agent.PSW troyano	desinfectado por eliminación
C:\Users\Usuario\Desktop\zTemporal\Hirens.Boot.DVD.15.2.Restored.Edition.1.1\Hirens.Boot.DVD.15.2.Restored.Edition.1.1\hbcd-15.2-Restored-V1.1-dvd-proteus.iso	varias amenazas,una variante de Win32/Adware.SpeedingUpMyPC.AM aplicación,una variante de Win32/Packed.Autoit.NAC aplicación sospechosa,MSIL/HackTool.Wpakill.A aplicación potencialmente no segura,Win32/HackTool.WinActivator.I aplicación potencialmente no segura	eliminado
C:\Users\Usuario\Desktop\u1902.exe	una variante de Win32/UltraReach.AG aplicación potencialmente no segura	desinfectado por eliminación

Gracias y un saludo.

Hola

Como sigue el problema.

Un saludo

Hola Daniela.

Después de haber pasado el EsetOnline el problema sigue igual.

La verdad es que este problema me tiene ya un poco desesperado, y después de 8 días creo que ha llegado el momento de formatear y volver a reinstalar desde cero, a ver si así me consigo salir de esta situación. A partir de ahora voy a tener más cuidado con lo que instalo, ejecuto o abro en mi equipo.

Quería sobre todo agradecerte tu ayuda y el tiempo que has dedicado a mi problema.

Muchísimas gracias y un afectuoso saludo.

Hola @qrro_ppgo

Todavía quedaría de hacer más cosas, en principio hemos empezado desinfectando, a veces, simplemente con la desinfección se resuelve el problema, pero en otras ocasiones lleva más tiempo, hace falta utilizar más programas, pero si ya has decidido formatear, pues adelante …

Gracias a ti por confiar en ForoSpyware. Ha sido un placer ayudarte

Un saludo